From 890ada5955e0b01330d56900074d477ecd8fa473 Mon Sep 17 00:00:00 2001 From: lloyd <lloyd@randombit.net> Date: Wed, 30 Dec 2009 03:16:30 +0000 Subject: Remove BOTAN_DLL from forward decl, not needed and GCC 4.1 warns --- src/math/gfpmath/gfp_modulus.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/math') diff --git a/src/math/gfpmath/gfp_modulus.h b/src/math/gfpmath/gfp_modulus.h index 4773a8b89..03e8a19e0 100644 --- a/src/math/gfpmath/gfp_modulus.h +++ b/src/math/gfpmath/gfp_modulus.h @@ -13,7 +13,7 @@ namespace Botan { -class BOTAN_DLL GFpElement; +class GFpElement; /** * This class represents a GFpElement modulus including the modulus -- cgit v1.2.3 From 811fed1957f284456e1455032f729e74c4fed458 Mon Sep 17 00:00:00 2001 
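Review bot: With BOTAN_DLL dropped from the forward declaration, the export/visibility attribute for GFpElement is carried only by its defining declaration, which presumably lives in gfp_element.h; that is the normal C++ arrangement, since a forward declaration only introduces the name, but it leaves an implicit dependency between the two headers that nothing in gfp_modulus.h records. A one-line comment on the declaration, `class GFpElement; // export attribute (BOTAN_DLL) belongs on the definition only`, would keep the next reader from re-adding it and reintroducing the GCC 4.1 warning the commit message cites. Blank context lines around the hunk are not visible in this rendering, so the exact surrounding layout is inferred.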
From: lloyd <lloyd@randombit.net> Date: Thu, 31 Dec 2009 03:43:02 +0000 Subject: Add copyright and license notes to pretty much every file that didn't have them, including the examples and self-test code. Most of these files had not copyright/license information at all; since a major point of the examples is to allow users to copy and paste code that already does something they want, an ambigious license is not good. --- checks/bench.cpp | 5 +++++ checks/bigint.cpp | 6 ++++++ checks/block.cpp | 6 ++++++ checks/check.cpp | 6 ++++++ checks/dolook.cpp | 6 ++++++ checks/ec_tests.cpp | 6 ++++++ checks/getopt.cpp | 5 +++++ checks/getopt.h | 5 +++++ checks/misc.cpp | 6 ++++++ checks/pk.cpp | 6 ++++++ checks/pk_bench.cpp | 6 ++++++ checks/timer.cpp | 6 ++++++ checks/validate.cpp | 6 ++++++ checks/x509.cpp | 6 ++++++ doc/examples/asn1.cpp | 14 +++++++------- doc/examples/base.cpp | 44 ------------------------------------------ doc/examples/base64.cpp | 12 +++++------- doc/examples/bench.cpp | 6 ++++++ doc/examples/benchmark.cpp | 6 ++++++ doc/examples/bzip.cpp | 18 ++++++++++++----- doc/examples/ca.cpp | 10 ++++++---- doc/examples/checksum.cpp | 6 ++++++ doc/examples/cms_dec.cpp | 6 ++++++ doc/examples/cms_enc.cpp | 6 ++++++ doc/examples/cpuid.cpp | 6 ++++++ doc/examples/cryptobox.cpp | 5 ++++- doc/examples/decrypt.cpp | 17 +++++++++------- doc/examples/dh.cpp | 9 ++++----- doc/examples/dsa_kgen.cpp | 28 +++++++++++++++------------ doc/examples/dsa_sign.cpp | 10 ++++------ doc/examples/dsa_ver.cpp | 18 +++++++++-------- doc/examples/eax_test.cpp | 6 ++++++ doc/examples/ecdsa.cpp | 6 ++++++ doc/examples/encrypt.cpp | 13 +++++++------ doc/examples/encrypt2.cpp | 6 ++++++ doc/examples/factor.cpp | 6 ++++++ doc/examples/fpe.cpp | 6 ++++++ doc/examples/gen_certs.cpp | 6 ++++++ doc/examples/gtk/gtk_ui.h | 14 ++++++++------ doc/examples/hash.cpp | 12 +++--------- doc/examples/hash_fd.cpp | 23 +++++++++++----------- doc/examples/hash_quickly.cpp | 6 ++++++ doc/examples/hasher.cpp | 
11 ++++------- doc/examples/hasher2.cpp | 19 ++++++++++-------- doc/examples/make_prime.cpp | 6 ++++++ doc/examples/package.cpp | 6 ++++++ doc/examples/passhash.cpp | 6 ++++++ doc/examples/pkcs10.cpp | 11 ++++------- doc/examples/pqg_gen.cpp | 6 ++++++ doc/examples/read_ssh.cpp | 6 ++++++ doc/examples/ressol.cpp | 6 ++++++ doc/examples/rng_test.cpp | 6 ++++++ doc/examples/row_encryptor.cpp | 10 ++++++++-- doc/examples/rsa_dec.cpp | 10 ++++++---- doc/examples/rsa_enc.cpp | 12 ++++++------ doc/examples/rsa_kgen.cpp | 11 ++++++----- doc/examples/rsa_manykey.cpp | 6 ++++++ doc/examples/self_sig.cpp | 19 ++++++++++-------- doc/examples/sig_gen.cpp | 6 ++++++ doc/examples/stack.cpp | 14 ++++++++------ doc/examples/test_es.cpp | 6 ++++++ doc/examples/tss.cpp | 6 ++++++ doc/examples/x509info.cpp | 12 +++++------- doc/examples/xor_ciph.cpp | 12 ++++++------ src/cert/cvc/asn1_eac_tm.cpp | 4 ++-- src/cert/cvc/cvc_self.cpp | 4 ++-- src/math/gfpmath/gfp_element.h | 1 - src/pubkey/ecc_key/ecc_key.cpp | 4 ++-- src/pubkey/ecdsa/ecdsa.cpp | 4 ++-- src/pubkey/eckaeg/eckaeg.cpp | 8 ++++---- src/wrap/python/filter.cpp | 10 ++++++---- src/wrap/python/python_botan.h | 5 +++++ src/wrap/python/x509.cpp | 10 ++++++---- 73 files changed, 437 insertions(+), 226 deletions(-) delete mode 100644 doc/examples/base.cpp (limited to 'src/math') diff --git a/checks/bench.cpp b/checks/bench.cpp index 3be61462a..7082eca68 100644 --- a/checks/bench.cpp +++ b/checks/bench.cpp @@ -1,3 +1,8 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ #include <iostream> #include <iomanip> diff --git a/checks/bigint.cpp b/checks/bigint.cpp index a56fd9181..86e37cd7b 100644 --- a/checks/bigint.cpp +++ b/checks/bigint.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include <vector> #include <string> #include <fstream> diff --git a/checks/block.cpp b/checks/block.cpp index 8f07cd65c..3cd41e63a 100644 
--- a/checks/block.cpp +++ b/checks/block.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + /* We don't use the standard issue ECB filter, because we also want to check diff --git a/checks/check.cpp b/checks/check.cpp index 975315608..03579b51a 100644 --- a/checks/check.cpp +++ b/checks/check.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + /* * Test Driver for Botan */ diff --git a/checks/dolook.cpp b/checks/dolook.cpp index b64c5a5a3..28ac60c1b 100644 --- a/checks/dolook.cpp +++ b/checks/dolook.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include <vector> #include <string> diff --git a/checks/ec_tests.cpp b/checks/ec_tests.cpp index 0420e0ee2..8727a4624 100644 --- a/checks/ec_tests.cpp +++ b/checks/ec_tests.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include <botan/build.h> #include "validate.h" diff --git a/checks/getopt.cpp b/checks/getopt.cpp index c0145ca75..23cb2a9fa 100644 --- a/checks/getopt.cpp +++ b/checks/getopt.cpp @@ -1,3 +1,8 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ #include "getopt.h" diff --git a/checks/getopt.h b/checks/getopt.h index 6d6cfe89f..68e6bd874 100644 --- a/checks/getopt.h +++ b/checks/getopt.h @@ -1,3 +1,8 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ #ifndef BOTAN_CHECK_GETOPT_H__ #define BOTAN_CHECK_GETOPT_H__ diff --git a/checks/misc.cpp b/checks/misc.cpp index a49778dc6..ff95ed10f 100644 --- a/checks/misc.cpp +++ b/checks/misc.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include <iostream> #include <vector> #include <string> diff --git a/checks/pk.cpp b/checks/pk.cpp index c02005245..e6f4d4f48 100644 --- a/checks/pk.cpp 
+++ b/checks/pk.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include <iostream> #include <fstream> #include <string> diff --git a/checks/pk_bench.cpp b/checks/pk_bench.cpp index 31c48c1da..a0ea1d1d3 100644 --- a/checks/pk_bench.cpp +++ b/checks/pk_bench.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include <botan/pkcs8.h> #include <botan/mem_ops.h> #include <botan/look_pk.h> diff --git a/checks/timer.cpp b/checks/timer.cpp index 1bdaebb7f..3736a4779 100644 --- a/checks/timer.cpp +++ b/checks/timer.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include "timer.h" #include <botan/time.h> #include <iomanip> diff --git a/checks/validate.cpp b/checks/validate.cpp index ff26e855a..9500589ca 100644 --- a/checks/validate.cpp +++ b/checks/validate.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + /* Validation routines */ diff --git a/checks/x509.cpp b/checks/x509.cpp index 69dd29492..8b7ce7d47 100644 --- a/checks/x509.cpp +++ b/checks/x509.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include <botan/filters.h> diff --git a/doc/examples/asn1.cpp b/doc/examples/asn1.cpp index 95757ec19..b0a6aa104 100644 --- a/doc/examples/asn1.cpp +++ b/doc/examples/asn1.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + /* A simple ASN.1 parser, similiar to 'dumpasn1' or 'openssl asn1parse', though without some of the bells and whistles of those. Primarily used for testing 
@@ -14,12 +20,8 @@ - Nov 25: Much improved BIT STRING output Can deal with non-constructed taggings Can produce UTF-8 output - - This file is in the public domain. */ -/*******************************************************************/ - // Set this if your terminal understands UTF-8; otherwise output is in Latin-1 #define UTF8_TERMINAL 1 @@ -30,8 +32,6 @@ */ #define INITIAL_LEVEL 0 -/*******************************************************************/ - #include <botan/botan.h> #include <botan/bigint.h> #include <botan/der_enc.h> @@ -56,7 +56,7 @@ int main(int argc, char* argv[]) printf("Usage: %s <file>\n", argv[0]); return 1; } - + Botan::LibraryInitializer init; try { diff --git a/doc/examples/base.cpp b/doc/examples/base.cpp deleted file mode 100644 index eca0ccf24..000000000 --- a/doc/examples/base.cpp +++ /dev/null @@ -1,44 +0,0 @@ -/* - A simple template for Botan applications, showing startup, etc -*/ -#include <botan/botan.h> -using namespace Botan; - -/* This is how you can do compile-time version checking */ - -#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,6,3) - #error Your Botan installation is too old; upgrade to 1.6.3 or later -#endif - -#include <iostream> - -int main(int argc, char* argv[]) - { - Botan::LibraryInitializer init; - - try - { - /* Put it inside the try block so exceptions at startup/shutdown will - get caught. - - It will be initialized with default options - */ - - if(argc > 2) - { - std::cout << "Usage: " << argv[0] << "[initializer args]\n"; - return 2; - } - - std::string args = (argc == 2) ? argv[1] : ""; - - LibraryInitializer init(args); - // your operations here - } - catch(std::exception& e) - { - std::cout << e.what() << std::endl; - return 1; - } - return 0; - } diff --git a/doc/examples/base64.cpp b/doc/examples/base64.cpp index d35aaf593..dbe8d19e3 100644 --- a/doc/examples/base64.cpp +++ b/doc/examples/base64.cpp 
@@ -1,12 +1,10 @@ /* -An Botan example application which emulates a poorly written version of -"uuencode -m" - -Written by Jack Lloyd (lloyd@randombit.net), in maybe an hour scattered -over 2000/2001 - -This file is in the public domain +* Encode/decode base64 strings +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license */ + #include <fstream> #include <iostream> #include <string> diff --git a/doc/examples/bench.cpp b/doc/examples/bench.cpp index 6a15df7c0..87a537493 100644 --- a/doc/examples/bench.cpp +++ b/doc/examples/bench.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include <botan/benchmark.h> #include <botan/init.h> #include <botan/auto_rng.h> diff --git a/doc/examples/benchmark.cpp b/doc/examples/benchmark.cpp index fa91726e5..006450314 100644 --- a/doc/examples/benchmark.cpp +++ b/doc/examples/benchmark.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include <botan/botan.h> #include <botan/benchmark.h> diff --git a/doc/examples/bzip.cpp b/doc/examples/bzip.cpp index 02252fb94..c3509c4da 100644 --- a/doc/examples/bzip.cpp +++ b/doc/examples/bzip.cpp @@ -1,10 +1,10 @@ /* -An Botan example application which emulates a poorly written version of bzip2 - -Written by Jack Lloyd (lloyd@randombit.net), Jun 9, 2001 - -This file is in the public domain +* Bzip2 Compression/Decompression +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license */ + #include <string> #include <cstring> #include <vector> 
@@ -12,6 +12,14 @@ This file is in the public domain #include <iostream> #include <botan/botan.h> +/* +* If Bzip2 isn't included, we know nothing works at compile time, but +* we wait to fail at runtime. Otherwise I would get 2-3 mails a month +* about how this was failing to compile (even with an informative +* #error message explaining the situation) because bzip2 wasn't +* included in the build. +*/ + #if defined(BOTAN_HAS_COMPRESSOR_BZIP2) #include <botan/bzip2.h> #endif diff --git a/doc/examples/ca.cpp b/doc/examples/ca.cpp index f5eccdde9..8dd3e981f 100644 --- a/doc/examples/ca.cpp +++ b/doc/examples/ca.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + /* Implement the functionality of a simple CA: read in a CA certificate, the associated private key, and a PKCS #10 certificate request. Sign the @@ -7,10 +13,6 @@ cacert.pem: The CA's certificate (perhaps created by self_sig) caprivate.pem: The CA's private key req.pem: The user's PKCS #10 certificate request - - Written by Jack Lloyd, May 19, 2003 - - This file is in the public domain. */ #include <botan/botan.h> diff --git a/doc/examples/checksum.cpp b/doc/examples/checksum.cpp index 232be057c..dba7a7d70 100644 --- a/doc/examples/checksum.cpp +++ b/doc/examples/checksum.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include <botan/botan.h> #include <botan/filters.h> diff --git a/doc/examples/cms_dec.cpp b/doc/examples/cms_dec.cpp index de4d732f0..6a9d99137 100644 --- a/doc/examples/cms_dec.cpp +++ b/doc/examples/cms_dec.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include <botan/botan.h> #include <botan/pkcs8.h> #include <botan/cms_dec.h> diff --git a/doc/examples/cms_enc.cpp b/doc/examples/cms_enc.cpp index de16bbaae..2cf813987 100644 --- a/doc/examples/cms_enc.cpp +++ b/doc/examples/cms_enc.cpp 
@@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include <botan/botan.h> #include <botan/cms_enc.h> using namespace Botan; diff --git a/doc/examples/cpuid.cpp b/doc/examples/cpuid.cpp index 76438783f..ba499051f 100644 --- a/doc/examples/cpuid.cpp +++ b/doc/examples/cpuid.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include <iostream> #include <botan/cpuid.h> diff --git a/doc/examples/cryptobox.cpp b/doc/examples/cryptobox.cpp index 0a769b0cd..f45f00ca1 100644 --- a/doc/examples/cryptobox.cpp +++ b/doc/examples/cryptobox.cpp @@ -1,6 +1,9 @@ /* -* Cryptobox example +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license */ + #include <botan/botan.h> #include <botan/cryptobox.h> #include <fstream> diff --git a/doc/examples/decrypt.cpp b/doc/examples/decrypt.cpp index 68d5f890b..ebab5d804 100644 --- a/doc/examples/decrypt.cpp +++ b/doc/examples/decrypt.cpp @@ -1,14 +1,17 @@ /* -Decrypt files encrypted with the 'encrypt' example application. - -I'm being lazy and writing the output to stdout rather than stripping off the -".enc" suffix and writing it there. So all diagnostics go to stderr so there is -no confusion. +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ -Written by Jack Lloyd (lloyd@randombit.net) on August 5, 2002 +/* +Decrypt files encrypted with the 'encrypt' example application. -This file is in the public domain +I'm being lazy and writing the output to stdout rather than stripping +off the ".enc" suffix and writing it there. So all diagnostics go to +stderr so there is no confusion. */ + #include <fstream> #include <iostream> #include <string> diff --git a/doc/examples/dh.cpp b/doc/examples/dh.cpp index 7855aeae5..4c6961234 100644 --- a/doc/examples/dh.cpp +++ b/doc/examples/dh.cpp 
@@ -1,10 +1,9 @@ /* - A simple DH example - - Written by Jack Lloyd (lloyd@randombit.net), on December 24, 2003 - - This file is in the public domain +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license */ + #include <botan/botan.h> #include <botan/dh.h> #include <botan/rng.h> diff --git a/doc/examples/dsa_kgen.cpp b/doc/examples/dsa_kgen.cpp index 4669cf705..e949ae54a 100644 --- a/doc/examples/dsa_kgen.cpp +++ b/doc/examples/dsa_kgen.cpp 
@@ -1,19 +1,23 @@ /* -Generate a 1024 bit DSA key and put it into a file. The public key format is -that specified by X.509, while the private key format is PKCS #8. +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ -The domain parameters are the ones specified as the Java default DSA -parameters. There is nothing special about these, it's just the only 1024-bit -DSA parameter set that's included in Botan at the time of this writing. The -application always reads/writes all of the domain parameters to/from the file, -so a new set could be used without any problems. We could generate a new set -for each key, or read a set of DSA params from a file and use those, but they -mostly seem like needless complications. -Written by Jack Lloyd (lloyd@randombit.net), August 5, 2002 - Updated to use X.509 and PKCS #8 formats, October 21, 2002 +/** +Generate a 1024 bit DSA key and put it into a file. The public key +format is that specified by X.509, while the private key format is +PKCS #8. -This file is in the public domain +The domain parameters are the ones specified as the Java default DSA +parameters. There is nothing special about these, it's just the only +1024-bit DSA parameter set that's included in Botan at the time of +this writing. The application always reads/writes all of the domain +parameters to/from the file, so a new set could be used without any +problems. We could generate a new set for each key, or read a set of +DSA params from a file and use those, but they mostly seem like +needless complications. */ #include <iostream> diff --git a/doc/examples/dsa_sign.cpp b/doc/examples/dsa_sign.cpp index caf050313..abc22d0de 100644 --- a/doc/examples/dsa_sign.cpp +++ b/doc/examples/dsa_sign.cpp 
@@ -1,10 +1,8 @@ /* -Decrypt an encrypted DSA private key. Then use that key to sign a message. - -Written by Jack Lloyd (lloyd@randombit.net), August 5, 2002 - Updated to use X.509 and PKCS #8 format keys, October 21, 2002 - -This file is in the public domain +* DSA signature generation example +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license */ #include <iostream> diff --git a/doc/examples/dsa_ver.cpp b/doc/examples/dsa_ver.cpp index 3b7ea0255..4a2f62ce4 100644 --- a/doc/examples/dsa_ver.cpp +++ b/doc/examples/dsa_ver.cpp @@ -1,14 +1,16 @@ /* -Grab an DSA public key from the file given as an argument, grab a signature -from another file, and verify the message (which, suprise, is also in a file). - -The signature format isn't particularly standard, but it's not bad. It's simply -the IEEE 1363 signature format, encoded into base64 with a trailing newline +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ -Written by Jack Lloyd (lloyd@randombit.net), August 5, 2002 - Updated to use X.509 format keys, October 21, 2002 +/* +Grab an DSA public key from the file given as an argument, grab a +signature from another file, and verify the message (which, suprise, +is also in a file). -This file is in the public domain +The signature format isn't particularly standard: take the IEEE 1363 +signature format, encoded into base64 with a trailing newline. */ #include <iostream> diff --git a/doc/examples/eax_test.cpp b/doc/examples/eax_test.cpp index 283e33501..3f7dbcbc8 100644 --- a/doc/examples/eax_test.cpp +++ b/doc/examples/eax_test.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include <fstream> #include <iostream> #include <sstream> diff --git a/doc/examples/ecdsa.cpp b/doc/examples/ecdsa.cpp index 065203a94..f55005544 100644 --- a/doc/examples/ecdsa.cpp +++ b/doc/examples/ecdsa.cpp 
@@ -1,3 +1,9 @@
+/*
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
 #include <botan/botan.h>
 #include <botan/ecdsa.h>
 #include <botan/pubkey.h>
diff --git a/doc/examples/encrypt.cpp b/doc/examples/encrypt.cpp
index 348ee8d39..f903c2f24 100644
--- a/doc/examples/encrypt.cpp
+++ b/doc/examples/encrypt.cpp
@@ -1,3 +1,9 @@
+/*
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
 /* Encrypt a file using a block cipher in CBC mode. Compresses the plaintext with Zlib, MACs with HMAC(SHA-1). Stores the block cipher used in the file,
@@ -10,13 +16,8 @@ was compressed. Bonus points for supporting multiple compression schemes.
 Another flaw is that is stores the entire ciphertext in memory, so if the file you're encrypting is 1 Gb... you better have a lot of RAM.
-
-Based on the base64 example, of all things
-
-Written by Jack Lloyd (lloyd@randombit.net) on August 5, 2002
-
-This file is in the public domain
 */
+
 #include <fstream>
 #include <iostream>
 #include <string>
diff --git a/doc/examples/encrypt2.cpp b/doc/examples/encrypt2.cpp
index 4af0cf019..dac2f8314 100644
--- a/doc/examples/encrypt2.cpp
+++ b/doc/examples/encrypt2.cpp
@@ -1,3 +1,9 @@
+/*
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
 #include <botan/botan.h>
 #include <botan/pbkdf2.h>
 #include <botan/hmac.h>
diff --git a/doc/examples/factor.cpp b/doc/examples/factor.cpp
index ff3c23c5d..7700d9b2d 100644
--- a/doc/examples/factor.cpp
+++ b/doc/examples/factor.cpp
@@ -1,3 +1,9 @@
+/*
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
 /* Factor integers using a combination of trial division by small primes, and Pollard's Rho algorithm
diff --git a/doc/examples/fpe.cpp b/doc/examples/fpe.cpp
index 7108b3ece..73773994b 100644
--- a/doc/examples/fpe.cpp
+++ b/doc/examples/fpe.cpp
@@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + /* * Encrypt credit cards numbers with valid checksums into other credit * card numbers with valid checksums using format preserving encryption. diff --git a/doc/examples/gen_certs.cpp b/doc/examples/gen_certs.cpp index 8490a167e..0d04d6d1c 100644 --- a/doc/examples/gen_certs.cpp +++ b/doc/examples/gen_certs.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + /* * Generate a root CA plus httpd, dovecot, and postfix certs/keys * diff --git a/doc/examples/gtk/gtk_ui.h b/doc/examples/gtk/gtk_ui.h index 9ced83a81..065a4f76b 100644 --- a/doc/examples/gtk/gtk_ui.h +++ b/doc/examples/gtk/gtk_ui.h @@ -1,6 +1,8 @@ -/************************************************* -* GTK+ User Interface Header File * -*************************************************/ +/* +* (C) 2006 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ #ifndef BOTAN_EXT_GTK_UI__ #define BOTAN_EXT_GTK_UI__ @@ -8,9 +10,9 @@ #include <botan/ui.h> #include <gtk/gtk.h> -/************************************************* -* GTK+ Passphrase Callback Object * -*************************************************/ +/* +* GTK+ Passphrase Callback Object +*/ class GTK_UI : public Botan::User_Interface { public: diff --git a/doc/examples/hash.cpp b/doc/examples/hash.cpp index a97cd6082..feaa2e9b3 100644 --- a/doc/examples/hash.cpp +++ b/doc/examples/hash.cpp 
@@ -1,13 +1,7 @@ /* -Prints the message digest of files, using an arbitrary hash function -chosen by the user. This is less flexible that I might like, for example: - ./hash sha1 some_file [or md5 or sha-1 or ripemd160 or ...] -will not work, cause the name lookup is case-sensitive. Oh well... - -Written by Jack Lloyd (lloyd@randombit.net), on August 4, 2002 - - December 16, 2003: "Fixed" to accept "sha1" or "md5" as a hash name - -This file is in the public domain +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license */ #include <iostream> diff --git a/doc/examples/hash_fd.cpp b/doc/examples/hash_fd.cpp index 82ca2c3b4..32acdbec3 100644 --- a/doc/examples/hash_fd.cpp +++ b/doc/examples/hash_fd.cpp @@ -1,18 +1,17 @@ /* -Written by Jack Lloyd (lloyd@randombit.net), on Prickle-Prickle, -the 10th of Bureaucracy, 3167. - -This file is in the public domain - -This is just like the normal hash application, but uses the Unix I/O system -calls instead of C++ iostreams. Previously, this version was much faster and -smaller, but GCC 3.1's libstdc++ seems to have been improved enough that the -difference is now fairly minimal. +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ -Nicely enough, doing the change required changing only about 3 lines of code. +/* +This is just like the normal hash application, but uses the Unix I/O +system calls instead of C++ iostreams. Previously, this version was +much faster and smaller, but GCC 3.1's libstdc++ seems to have been +improved enough that the difference is now fairly minimal. -Note that this requires you to be on a machine running some sort of Unix. Well, -I guess any POSIX.1 compliant OS (in theory). +Nicely enough, doing the change required changing only about 3 lines +of code. */ #include <iostream> diff --git a/doc/examples/hash_quickly.cpp b/doc/examples/hash_quickly.cpp index c8c8ca5fb..a5236b381 100644 --- a/doc/examples/hash_quickly.cpp 
+++ b/doc/examples/hash_quickly.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include <botan/botan.h> #include <botan/benchmark.h> #include <botan/filters.h> diff --git a/doc/examples/hasher.cpp b/doc/examples/hasher.cpp index 5ba982fc0..f3f2ab874 100644 --- a/doc/examples/hasher.cpp +++ b/doc/examples/hasher.cpp @@ -1,12 +1,9 @@ /* -A Botan example application which emulates a -poorly written version of "gpg --print-md" - -Written by Jack Lloyd (lloyd@randombit.net), quite a while ago (as of June -2001) - -This file is in the public domain +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license */ + #include <fstream> #include <iostream> #include <string> diff --git a/doc/examples/hasher2.cpp b/doc/examples/hasher2.cpp index 12d3c853d..abbe11622 100644 --- a/doc/examples/hasher2.cpp +++ b/doc/examples/hasher2.cpp @@ -1,15 +1,18 @@ /* -Identical to hasher.cpp, but uses Pipe in a different way. - -Note this tends to be much less efficient than hasher.cpp, because it does -three passes over the file. For a small file, it doesn't really matter. But for -a large file, or for something you can't re-read easily (socket, stdin, ...) -this is a bad idea. +* (C) 2001 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ -Written by Jack Lloyd (lloyd@randombit.net), Feb 8 2001 +/* +Identical to hasher.cpp, but uses Pipe in a different way. -This file is in the public domain +Note this tends to be much less efficient than hasher.cpp, because it +does three passes over the file. For a small file, it doesn't really +matter. But for a large file, or for something you can't re-read +easily (socket, stdin, ...) this is a bad idea. */ + #include <fstream> #include <iostream> #include <string> diff --git a/doc/examples/make_prime.cpp b/doc/examples/make_prime.cpp index eaff1867f..acaaac698 100644 --- a/doc/examples/make_prime.cpp +++ b/doc/examples/make_prime.cpp 
@@ -1,3 +1,9 @@
+/*
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
 #include <botan/numthry.h>
 #include <botan/auto_rng.h>
 #include <botan/botan.h>
diff --git a/doc/examples/package.cpp b/doc/examples/package.cpp
index 866dd7e96..14d215f73 100644
--- a/doc/examples/package.cpp
+++ b/doc/examples/package.cpp
@@ -1,3 +1,9 @@
+/*
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
 #include <botan/botan.h>
 #include <botan/serpent.h>
diff --git a/doc/examples/passhash.cpp b/doc/examples/passhash.cpp
index 7f5bbc2bb..24f7ff674 100644
--- a/doc/examples/passhash.cpp
+++ b/doc/examples/passhash.cpp
@@ -1,3 +1,9 @@
+/*
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
 #include <botan/botan.h>
 #include <botan/pbkdf2.h>
 #include <botan/hmac.h>
diff --git a/doc/examples/pkcs10.cpp b/doc/examples/pkcs10.cpp
index d9fa9accb..3f5ec8e05 100644
--- a/doc/examples/pkcs10.cpp
+++ b/doc/examples/pkcs10.cpp
@@ -1,12 +1,9 @@
 /*
-Generate a 1024 bit RSA key, and then create a PKCS #10 certificate request for
-that key. The private key will be stored as an encrypted PKCS #8 object, and
-stored in another file.
-
-Written by Jack Lloyd (lloyd@randombit.net), April 7, 2003
-
-This file is in the public domain
+* (C) 2003 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
 */
+
 #include <botan/init.h>
 #include <botan/auto_rng.h>
 #include <botan/x509self.h>
diff --git a/doc/examples/pqg_gen.cpp b/doc/examples/pqg_gen.cpp
index e4b959883..4104e8ecb 100644
--- a/doc/examples/pqg_gen.cpp
+++ b/doc/examples/pqg_gen.cpp
@@ -1,3 +1,9 @@
+/*
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
 #include <iostream>
 #include <fstream>
 #include <string>
diff --git a/doc/examples/read_ssh.cpp b/doc/examples/read_ssh.cpp
index a88306caa..52c758ceb 100644
--- a/doc/examples/read_ssh.cpp
+++ b/doc/examples/read_ssh.cpp
@@ -1,3 +1,9 @@
+/*
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
 /*
 * Example of reading SSH2 format public keys (see RFC 4716)
 */
diff --git a/doc/examples/ressol.cpp b/doc/examples/ressol.cpp
index 43bb68d37..286377fc6 100644
--- a/doc/examples/ressol.cpp
+++ b/doc/examples/ressol.cpp
@@ -1,3 +1,9 @@
+/*
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
 #include <botan/numthry.h>
 #include <botan/auto_rng.h>
 #include <botan/botan.h>
diff --git a/doc/examples/rng_test.cpp b/doc/examples/rng_test.cpp
index 8d4253a6e..05f2c28a4 100644
--- a/doc/examples/rng_test.cpp
+++ b/doc/examples/rng_test.cpp
@@ -1,3 +1,9 @@
+/*
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
 #include <botan/botan.h>
 #include <botan/x931_rng.h>
 #include <botan/filters.h>
diff --git a/doc/examples/row_encryptor.cpp b/doc/examples/row_encryptor.cpp
index 162e962e0..17f44ce7b 100644
--- a/doc/examples/row_encryptor.cpp
+++ b/doc/examples/row_encryptor.cpp
@@ -1,3 +1,9 @@
+/*
+* (C) 2009 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
 #include <string>
 #include <memory>
 #include <sstream>
@@ -99,8 +105,8 @@ std::string Row_Encryptor::decrypt(const std::string& input,
 return dec_pipe.read_all_as_string(Pipe::LAST_MESSAGE);
 }
-/*************************
- Test code follows:
+/*
+* Test code follows:
 */
 int main()
diff --git a/doc/examples/rsa_dec.cpp b/doc/examples/rsa_dec.cpp
index 25ce33f47..1e789d748 100644
--- a/doc/examples/rsa_dec.cpp
+++ b/doc/examples/rsa_dec.cpp
@@ -1,11 +1,13 @@ +/* +* (C) 2002 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + /* Decrypt an encrypted RSA private key. Then use that key to decrypt a message. This program can decrypt messages generated by rsa_enc, and uses the same key format as that generated by rsa_kgen. - -Written by Jack Lloyd (lloyd@randombit.net), June 3-5, 2002 - -This file is in the public domain */ #include <iostream> diff --git a/doc/examples/rsa_enc.cpp b/doc/examples/rsa_enc.cpp index f9b8c5561..904b1e379 100644 --- a/doc/examples/rsa_enc.cpp +++ b/doc/examples/rsa_enc.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2002 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + /* Grab an RSA public key from the file given as an argument, grab a message from another file, and encrypt the message. @@ -18,12 +24,6 @@ the _plaintext_ 3) Following lines are base64 encoded ciphertext (CAST-128 as described), each broken after ~72 characters. - -Written by Jack Lloyd (lloyd@randombit.net), June 3, 2002 - Updated to use KDF2, September 8, 2002 - Updated to read X.509 keys, October 21, 2002 - -This file is in the public domain */ #include <iostream> diff --git a/doc/examples/rsa_kgen.cpp b/doc/examples/rsa_kgen.cpp index b7e90ef8a..1108b46db 100644 --- a/doc/examples/rsa_kgen.cpp +++ b/doc/examples/rsa_kgen.cpp @@ -1,12 +1,13 @@ +/* +* (C) 2002 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + /* Generate an RSA key of a specified bitlength, and put it into a pair of key files. One is the public key in X.509 format (PEM encoded), the private key is in PKCS #8 format (also PEM encoded). - -Written by Jack Lloyd (lloyd@randombit.net), June 2-3, 2002 - Updated to use X.509 and PKCS #8 on October 21, 2002 - -This file is in the public domain */ #include <iostream> diff --git a/doc/examples/rsa_manykey.cpp b/doc/examples/rsa_manykey.cpp index 4122bc8ef..e6a511753 100644 --- a/doc/examples/rsa_manykey.cpp +++ b/doc/examples/rsa_manykey.cpp 
@@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + /* Generate a whole sequence of keys (for benchmarking) */ diff --git a/doc/examples/self_sig.cpp b/doc/examples/self_sig.cpp index 93161f7d2..6710cfb51 100644 --- a/doc/examples/self_sig.cpp +++ b/doc/examples/self_sig.cpp @@ -1,14 +1,17 @@ /* -Generate a 1024 bit RSA key, and then create a self-signed X.509v3 certificate -with that key. If the do_CA variable is set to true, then it will be marked for -CA use, otherwise it will get extensions appropriate for use with a client -certificate. The private key is stored as an encrypted PKCS #8 object in -another file. - -Written by Jack Lloyd (lloyd@randombit.net), April 7, 2003 +* (C) 2003 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ -This file is in the public domain +/* +Generate a 1024 bit RSA key, and then create a self-signed X.509v3 +certificate with that key. If the do_CA variable is set to true, then +it will be marked for CA use, otherwise it will get extensions +appropriate for use with a client certificate. The private key is +stored as an encrypted PKCS #8 object in another file. */ + #include <botan/botan.h> #include <botan/x509self.h> #include <botan/rsa.h> diff --git a/doc/examples/sig_gen.cpp b/doc/examples/sig_gen.cpp index 6dd749097..fca069862 100644 --- a/doc/examples/sig_gen.cpp +++ b/doc/examples/sig_gen.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include <iostream> #include <fstream> #include <string> diff --git a/doc/examples/stack.cpp b/doc/examples/stack.cpp index 1522b05f5..f569004fc 100644 --- a/doc/examples/stack.cpp +++ b/doc/examples/stack.cpp 
@@ -1,11 +1,13 @@ /* -An Botan example application showing how to use the pop and prepend functions -of Pipe. Based on the md5 example. It's output should always be identical to -such. - -Written by Jack Lloyd (lloyd@randombit.net), Feb 3, 2002 +* (C) 2002 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ -This file is in the public domain +/* +An Botan example application showing how to use the pop and prepend +functions of Pipe. Based on the md5 example. It's output should always +be identical to such. */ #include <iostream> diff --git a/doc/examples/test_es.cpp b/doc/examples/test_es.cpp index b5510ab75..ef5d02281 100644 --- a/doc/examples/test_es.cpp +++ b/doc/examples/test_es.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include <botan/botan.h> #include <stdio.h> diff --git a/doc/examples/tss.cpp b/doc/examples/tss.cpp index 1881ffe24..03d7699bf 100644 --- a/doc/examples/tss.cpp +++ b/doc/examples/tss.cpp @@ -1,3 +1,9 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + #include <botan/botan.h> #include <botan/tss.h> #include <iostream> diff --git a/doc/examples/x509info.cpp b/doc/examples/x509info.cpp index 0e34f2fab..8f4d83c45 100644 --- a/doc/examples/x509info.cpp +++ b/doc/examples/x509info.cpp @@ -1,12 +1,10 @@ /* - Read an X.509 certificate, and print various things about it - - Written by Jack Lloyd, March 23 2003 - - October 31, 2003: Prints the public key - - November 1, 2003: Removed the -d flag; it can tell automatically now - - This file is in the public domain +* Read an X.509 certificate, and print various things about it +* (C) 2003 Jack Lloyd +* +* Distributed under the terms of the Botan license */ + #include <botan/botan.h> #include <botan/x509cert.h> #include <botan/oids.h> diff --git a/doc/examples/xor_ciph.cpp b/doc/examples/xor_ciph.cpp index 6a914b150..3174e103e 100644 --- a/doc/examples/xor_ciph.cpp 
+++ b/doc/examples/xor_ciph.cpp @@ -1,11 +1,11 @@ /* - An implementation of the highly secure (not) XOR cipher. AKA, how to write - and use your own cipher object. DO NOT make up your own ciphers. Please. - - Written by Jack Lloyd (lloyd@randombit.net) on Feb 17, 2004 - Update November 21 2008 for new algorithm factory in 1.8 +* (C) 2004,2008 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ - This file is in the public domain +/* + Adding a simple XOR cipher to the internal tables */ #include <botan/stream_cipher.h> diff --git a/src/cert/cvc/asn1_eac_tm.cpp b/src/cert/cvc/asn1_eac_tm.cpp index dc38e3296..73a2843f7 100644 --- a/src/cert/cvc/asn1_eac_tm.cpp +++ b/src/cert/cvc/asn1_eac_tm.cpp @@ -182,9 +182,9 @@ bool EAC_Time::passes_sanity_check() const return true; } -/****************************************** +/* * modification functions -******************************************/ +*/ void EAC_Time::add_years(u32bit years) { diff --git a/src/cert/cvc/cvc_self.cpp b/src/cert/cvc/cvc_self.cpp index 227ff4136..98e74a6b0 100644 --- a/src/cert/cvc/cvc_self.cpp +++ b/src/cert/cvc/cvc_self.cpp @@ -21,9 +21,9 @@ namespace Botan { namespace { -/******************************* +/* * cvc CHAT values -*******************************/ +*/ enum CHAT_values{ CVCA = 0xC0, DVCA_domestic = 0x80, diff --git a/src/math/gfpmath/gfp_element.h b/src/math/gfpmath/gfp_element.h index c6cfc9d32..7a8644fee 100644 --- a/src/math/gfpmath/gfp_element.h +++ b/src/math/gfpmath/gfp_element.h @@ -241,7 +241,6 @@ class BOTAN_DLL GFpElement mutable BigInt m_value; // ordinary residue or m-residue respectively mutable BigInt workspace; - // ***************************************** // data members for montgomery multiplication mutable bool m_use_montgm; //mutable BigInt m_mres; diff --git a/src/pubkey/ecc_key/ecc_key.cpp b/src/pubkey/ecc_key/ecc_key.cpp index 677a5088e..b7f58eecc 100644 --- a/src/pubkey/ecc_key/ecc_key.cpp +++ b/src/pubkey/ecc_key/ecc_key.cpp 
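Review bot: The rewritten header of xor_ciph.cpp drops the one sentence of the old comment that mattered for an example meant to be copied — the warning not to invent your own cipher — and the replacement `Adding a simple XOR cipher to the internal tables` no longer says the cipher is insecure. Keep the caveat in the new form, e.g. `* An implementation of the (deliberately insecure) XOR cipher, showing how to add a cipher object to the internal tables. DO NOT make up your own ciphers.` The remaining hunks in this group only reflow existing comment text.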
@@ -134,9 +134,9 @@ void EC_PublicKey::set_parameter_encoding(EC_dompar_enc type) m_param_enc = type; } -/******************************** +/* * EC_PrivateKey -********************************/ +*/ void EC_PrivateKey::affirm_init() const // virtual { if(m_private_value == 0) diff --git a/src/pubkey/ecdsa/ecdsa.cpp b/src/pubkey/ecdsa/ecdsa.cpp index 9d352c70f..6116f7b13 100644 --- a/src/pubkey/ecdsa/ecdsa.cpp +++ b/src/pubkey/ecdsa/ecdsa.cpp @@ -156,9 +156,9 @@ u32bit ECDSA_PublicKey::max_input_bits() const return mp_dom_pars->get_order().bits(); } -/************************* +/* * ECDSA_PrivateKey -*************************/ +*/ void ECDSA_PrivateKey::affirm_init() const // virtual { EC_PrivateKey::affirm_init(); diff --git a/src/pubkey/eckaeg/eckaeg.cpp b/src/pubkey/eckaeg/eckaeg.cpp index dc6eb925b..3e0f717e0 100644 --- a/src/pubkey/eckaeg/eckaeg.cpp +++ b/src/pubkey/eckaeg/eckaeg.cpp @@ -16,9 +16,9 @@ namespace Botan { -/********************************* +/* * ECKAEG_PublicKey -*********************************/ +*/ void ECKAEG_PublicKey::affirm_init() const // virtual { @@ -72,9 +72,9 @@ ECKAEG_PublicKey::ECKAEG_PublicKey(EC_Domain_Params const& dom_par, PointGFp con m_eckaeg_core = ECKAEG_Core(*mp_dom_pars, BigInt(0), *mp_public_point); } -/********************************* +/* * ECKAEG_PrivateKey -*********************************/ +*/ void ECKAEG_PrivateKey::affirm_init() const // virtual { EC_PrivateKey::affirm_init(); diff --git a/src/wrap/python/filter.cpp b/src/wrap/python/filter.cpp index a678af9e5..48a3f84eb 100644 --- a/src/wrap/python/filter.cpp +++ b/src/wrap/python/filter.cpp @@ -1,7 +1,9 @@ -/************************************************* -* Boost.Python module definition * -* (C) 1999-2007 Jack Lloyd * -*************************************************/ +/* +* Boost.Python module definition +* (C) 1999-2007 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ #include <boost/python.hpp> using namespace boost::python; 
diff --git a/src/wrap/python/python_botan.h b/src/wrap/python/python_botan.h index 646c2e2c1..a7a2e505e 100644 --- a/src/wrap/python/python_botan.h +++ b/src/wrap/python/python_botan.h @@ -1,3 +1,8 @@ +/* +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ #ifndef BOTAN_BOOST_PYTHON_COMMON_H__ #define BOTAN_BOOST_PYTHON_COMMON_H__ diff --git a/src/wrap/python/x509.cpp b/src/wrap/python/x509.cpp index 90c2bba1c..c2c9533c8 100644 --- a/src/wrap/python/x509.cpp +++ b/src/wrap/python/x509.cpp @@ -1,7 +1,9 @@ -/************************************************* -* Boost.Python module definition * -* (C) 1999-2007 Jack Lloyd * -*************************************************/ +/* +* Boost.Python module definition +* (C) 2009 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ #include <botan/oids.h> #include <botan/pipe.h> -- cgit v1.2.3 From 2837e915d82e439730624f15bfc8c820475c9d65 Mon Sep 17 00:00:00 2001 
From: lloyd <lloyd@randombit.net> Date: Tue, 5 Jan 2010 23:06:31 +0000 Subject: Clean up exceptions. Remove some unused ones like Config_Error. Make Invalid_Argument just a typedef for std::invalid_argument. Make Botan::Exception a typedef for std::runtime_error. Make Memory_Exhaustion a public exception, and use it in other places where memory allocations can fail. --- checks/block.cpp | 2 +- checks/pk.cpp | 28 ++++++------ doc/examples/pqg_gen.cpp | 4 +- src/alloc/mem_pool/mem_pool.cpp | 13 ------ src/alloc/system_alloc/defalloc.cpp | 2 +- src/block/lion/lion.cpp | 3 +- src/cert/x509/x509_ext.cpp | 2 +- src/cms/cms_dalg.cpp | 6 +-- src/cms/cms_ealg.cpp | 12 ++--- src/constructs/cryptobox/cryptobox.cpp | 2 +- src/filters/bzip2/bzip2.cpp | 16 ++++--- src/filters/modes/cbc/cbc.cpp | 2 +- src/filters/modes/cts/cts.cpp | 3 +- src/filters/modes/eax/eax_dec.cpp | 4 +- src/filters/modes/ecb/ecb.cpp | 2 +- src/filters/modes/xts/xts.cpp | 4 +- src/filters/pipe_rw.cpp | 2 +- src/filters/pk_filts/pk_filts.cpp | 2 +- src/filters/zlib/zlib.cpp | 15 +++--- src/math/gfpmath/point_gfp.cpp | 4 +- src/math/numbertheory/powm_mnt.cpp | 7 ++- src/mutex/pthreads/mux_pthr.cpp | 6 +-- src/pk_pad/eme1/eme1.cpp | 2 +- src/pubkey/dl_group/dl_group.cpp | 4 +- src/pubkey/dlies/dlies.cpp | 2 +- src/pubkey/dsa/dsa.cpp | 2 + src/pubkey/pubkey.cpp | 6 +-- src/s2k/pbkdf1/pbkdf1.cpp | 4 +- src/stream/stream_cipher.h | 4 +- src/utils/exceptn.h | 83 +++++++--------------------------- src/utils/parsing.cpp | 2 +- 31 files changed, 97 insertions(+), 153 deletions(-) (limited to 'src/math') diff --git a/checks/block.cpp b/checks/block.cpp index 3cd41e63a..c90e3e499 100644 --- a/checks/block.cpp +++ b/checks/block.cpp @@ -89,7 +89,7 @@ void ECB_Encryption_ErrorCheck::end_msg() } if(position) - throw Exception("ECB: input was not in full blocks"); + throw Encoding_Error("ECB: input was not in full blocks"); } Filter* lookup_block(const std::string& algname, const std::string& key) 
diff --git a/checks/pk.cpp b/checks/pk.cpp index e6f4d4f48..9c243f1cf 100644 --- a/checks/pk.cpp +++ b/checks/pk.cpp @@ -172,7 +172,7 @@ u32bit validate_rsa_enc_pkcs8(const std::string& algo, RandomNumberGenerator& rng) { if(str.size() != 4 && str.size() != 5) - throw Exception("Invalid input from pk_valid.dat"); + throw std::runtime_error("Invalid input from pk_valid.dat"); #if defined(BOTAN_HAS_RSA) @@ -210,7 +210,7 @@ u32bit validate_rsa_enc(const std::string& algo, RandomNumberGenerator& rng) { if(str.size() != 6) - throw Exception("Invalid input from pk_valid.dat"); + throw std::runtime_error("Invalid input from pk_valid.dat"); #if defined(BOTAN_HAS_RSA) @@ -238,7 +238,7 @@ u32bit validate_elg_enc(const std::string& algo, RandomNumberGenerator& rng) { if(str.size() != 6 && str.size() != 7) - throw Exception("Invalid input from pk_valid.dat"); + throw std::runtime_error("Invalid input from pk_valid.dat"); #if defined(BOTAN_HAS_ELGAMAL) @@ -270,7 +270,7 @@ u32bit validate_rsa_sig(const std::string& algo, RandomNumberGenerator& rng) { if(str.size() != 6) - throw Exception("Invalid input from pk_valid.dat"); + throw std::runtime_error("Invalid input from pk_valid.dat"); #if defined(BOTAN_HAS_RSA) @@ -296,7 +296,7 @@ u32bit validate_rsa_ver(const std::string& algo, const std::vector<std::string>& str) { if(str.size() != 5) /* is actually 4, parse() adds an extra empty one */ - throw Exception("Invalid input from pk_valid.dat"); + throw std::runtime_error("Invalid input from pk_valid.dat"); #if defined(BOTAN_HAS_RSA) RSA_PublicKey key(to_bigint(str[1]), to_bigint(str[0])); 
@@ -320,7 +320,7 @@ u32bit validate_rsa_ver_x509(const std::string& algo, const std::vector<std::string>& str) { if(str.size() != 5) /* is actually 3, parse() adds extra empty ones */ - throw Exception("Invalid input from pk_valid.dat"); + throw std::runtime_error("Invalid input from pk_valid.dat"); #if defined(BOTAN_HAS_RSA) DataSource_Memory keysource(reinterpret_cast<const byte*>(str[0].c_str()), @@ -352,7 +352,7 @@ u32bit validate_rw_ver(const std::string& algo, const std::vector<std::string>& str) { if(str.size() != 5) - throw Exception("Invalid input from pk_valid.dat"); + throw std::runtime_error("Invalid input from pk_valid.dat"); @@ -379,7 +379,7 @@ u32bit validate_rw_sig(const std::string& algo, RandomNumberGenerator& rng) { if(str.size() != 6) - throw Exception("Invalid input from pk_valid.dat"); + throw std::runtime_error("Invalid input from pk_valid.dat"); #if defined(BOTAN_HAS_RW) @@ -405,7 +405,7 @@ u32bit validate_dsa_sig(const std::string& algo, RandomNumberGenerator& rng) { if(str.size() != 4 && str.size() != 5) - throw Exception("Invalid input from pk_valid.dat"); + throw std::runtime_error("Invalid input from pk_valid.dat"); std::string pass; if(str.size() == 5) pass = str[4]; @@ -442,7 +442,7 @@ u32bit validate_dsa_ver(const std::string& algo, const std::vector<std::string>& str) { if(str.size() != 5) /* is actually 3, parse() adds extra empty ones */ - throw Exception("Invalid input from pk_valid.dat"); + throw std::runtime_error("Invalid input from pk_valid.dat"); DataSource_Memory keysource(reinterpret_cast<const byte*>(str[0].c_str()), str[0].length()); @@ -476,7 +476,7 @@ u32bit validate_nr_sig(const std::string& algo, RandomNumberGenerator& rng) { if(str.size() != 8) - throw Exception("Invalid input from pk_valid.dat"); + throw std::runtime_error("Invalid input from pk_valid.dat"); #if defined(BOTAN_HAS_NYBERG_RUEPPEL) 
@@ -503,7 +503,7 @@ u32bit validate_dh(const std::string& algo, RandomNumberGenerator& rng) { if(str.size() != 5 && str.size() != 6) - throw Exception("Invalid input from pk_valid.dat"); + throw std::runtime_error("Invalid input from pk_valid.dat"); #if defined(BOTAN_HAS_DIFFIE_HELLMAN) @@ -534,7 +534,7 @@ u32bit validate_dlies(const std::string& algo, RandomNumberGenerator& rng) { if(str.size() != 6) - throw Exception("Invalid input from pk_valid.dat"); + throw std::runtime_error("Invalid input from pk_valid.dat"); #if defined(BOTAN_HAS_DLIES) DL_Group domain(to_bigint(str[0]), to_bigint(str[1])); @@ -547,7 +547,7 @@ u32bit validate_dlies(const std::string& algo, std::vector<std::string> options = split_on(opt_str, '/'); if(options.size() != 3) - throw Exception("DLIES needs three options: " + opt_str); + throw std::runtime_error("DLIES needs three options: " + opt_str); MessageAuthenticationCode* mac = get_mac(options[1]); u32bit mac_key_len = to_u32bit(options[2]); diff --git a/doc/examples/pqg_gen.cpp b/doc/examples/pqg_gen.cpp index 4104e8ecb..e797233f9 100644 --- a/doc/examples/pqg_gen.cpp +++ b/doc/examples/pqg_gen.cpp @@ -31,7 +31,7 @@ int main() std::ifstream in("PQGGen.rsp"); if(!in) - throw Exception("Can't open response file"); + throw std::runtime_error("Can't open response file"); std::map<std::string, std::string> inputs; @@ -46,7 +46,7 @@ int main() std::vector<std::string> name_and_val = split_on(line, '='); if(name_and_val.size() != 2) - throw Decoding_Error("Unexpected input: " + line); + throw std::runtime_error("Unexpected input: " + line); name_and_val[0].erase(name_and_val[0].size()-1); name_and_val[1].erase(0, 1); diff --git a/src/alloc/mem_pool/mem_pool.cpp b/src/alloc/mem_pool/mem_pool.cpp index 2945a4cef..4180d2602 100644 --- a/src/alloc/mem_pool/mem_pool.cpp +++ b/src/alloc/mem_pool/mem_pool.cpp 
@@ -15,19 +15,6 @@ namespace Botan { -namespace { - -/* -* Memory Allocation Exception -*/ -struct Memory_Exhaustion : public std::bad_alloc - { - const char* what() const throw() - { return "Ran out of memory, allocation failed"; } - }; - -} - /* * Memory_Block Constructor */ diff --git a/src/alloc/system_alloc/defalloc.cpp b/src/alloc/system_alloc/defalloc.cpp index faaeb3c58..311057462 100644 --- a/src/alloc/system_alloc/defalloc.cpp +++ b/src/alloc/system_alloc/defalloc.cpp @@ -94,7 +94,7 @@ Allocator* Allocator::get(bool locking) if(alloc) return alloc; - throw Exception("Couldn't find an allocator to use in get_allocator"); + throw Internal_Error("Couldn't find an allocator to use in get_allocator"); } } diff --git a/src/block/lion/lion.cpp b/src/block/lion/lion.cpp index e590a78ce..d8dfd1fcb 100644 --- a/src/block/lion/lion.cpp +++ b/src/block/lion/lion.cpp @@ -116,8 +116,9 @@ Lion::Lion(HashFunction* hash_in, StreamCipher* sc_in, u32bit block_len) : { if(2*LEFT_SIZE + 1 > BLOCK_SIZE) throw Invalid_Argument(name() + ": Chosen block size is too small"); + if(!cipher->valid_keylength(LEFT_SIZE)) - throw Exception(name() + ": This stream/hash combination is invalid"); + throw Invalid_Argument(name() + ": This stream/hash combo is invalid"); key1.resize(LEFT_SIZE); key2.resize(LEFT_SIZE); diff --git a/src/cert/x509/x509_ext.cpp b/src/cert/x509/x509_ext.cpp index 9a03c9d23..69b21d8b3 100644 --- a/src/cert/x509/x509_ext.cpp +++ b/src/cert/x509/x509_ext.cpp @@ -473,7 +473,7 @@ MemoryVector<byte> Certificate_Policies::encode_inner() const { // FIXME #if 1 - throw Exception("Certificate_Policies::encode_inner: Bugged"); + throw Internal_Error("Certificate_Policies::encode_inner: Bugged"); #else std::vector<Policy_Information> policies; diff --git a/src/cms/cms_dalg.cpp b/src/cms/cms_dalg.cpp index 7ed793f4f..1fc4e2faa 100644 --- a/src/cms/cms_dalg.cpp +++ b/src/cms/cms_dalg.cpp 
@@ -195,7 +195,7 @@ void CMS_Decoder::decode_layer() else if(type == OIDS::lookup("CMS.SignedData")) { #if 1 - throw Exception("FIXME: not implemented"); + throw Internal_Error("FIXME: not implemented"); #else u32bit version; @@ -258,11 +258,11 @@ void CMS_Decoder::decode_layer() } else if(type == OIDS::lookup("CMS.EnvelopedData")) { - throw Exception("FIXME: not implemented"); + throw Internal_Error("FIXME: not implemented"); } else if(type == OIDS::lookup("CMS.AuthenticatedData")) { - throw Exception("FIXME: not implemented"); + throw Internal_Error("FIXME: not implemented"); } else throw Decoding_Error("CMS: Unknown content ID " + type.as_string()); diff --git a/src/cms/cms_ealg.cpp b/src/cms/cms_ealg.cpp index 2970e8e79..5efa33254 100644 --- a/src/cms/cms_ealg.cpp +++ b/src/cms/cms_ealg.cpp @@ -168,7 +168,7 @@ void CMS_Encoder::encrypt_kari(RandomNumberGenerator&, X509_PublicKey*, const std::string&) { - throw Exception("FIXME: unimplemented"); + throw Internal_Error("FIXME: unimplemented"); #if 0 SymmetricKey cek = setup_key(rng, cipher); @@ -198,7 +198,7 @@ void CMS_Encoder::encrypt(RandomNumberGenerator& rng, const SymmetricKey& kek, const std::string& user_cipher) { - throw Exception("FIXME: untested"); + throw Internal_Error("FIXME: untested"); const std::string cipher = choose_algo(user_cipher, "TripleDES"); SymmetricKey cek = setup_key(rng, cipher); @@ -232,7 +232,7 @@ void CMS_Encoder::encrypt(RandomNumberGenerator&, const std::string& user_cipher) { const std::string cipher = choose_algo(user_cipher, "TripleDES"); - throw Exception("FIXME: unimplemented"); + throw Internal_Error("FIXME: unimplemented"); /* SymmetricKey cek = setup_key(key); @@ -375,7 +375,7 @@ void CMS_Encoder::authenticate(const X509_Certificate&, const std::string& mac_algo) { const std::string mac = choose_algo(mac_algo, "HMAC(SHA-1)"); - throw Exception("FIXME: unimplemented"); + throw Internal_Error("FIXME: unimplemented"); } /* 
@@ -385,7 +385,7 @@ void CMS_Encoder::authenticate(const SymmetricKey&, const std::string& mac_algo) { const std::string mac = choose_algo(mac_algo, "HMAC(SHA-1)"); - throw Exception("FIXME: unimplemented"); + throw Internal_Error("FIXME: unimplemented"); } /* @@ -395,7 +395,7 @@ void CMS_Encoder::authenticate(const std::string&, const std::string& mac_algo) { const std::string mac = choose_algo(mac_algo, "HMAC(SHA-1)"); - throw Exception("FIXME: unimplemented"); + throw Internal_Error("FIXME: unimplemented"); } } diff --git a/src/constructs/cryptobox/cryptobox.cpp b/src/constructs/cryptobox/cryptobox.cpp index ba7553c55..20435fa59 100644 --- a/src/constructs/cryptobox/cryptobox.cpp +++ b/src/constructs/cryptobox/cryptobox.cpp @@ -135,7 +135,7 @@ std::string decrypt(const byte input[], u32bit input_len, if(!same_mem(computed_mac, ciphertext + VERSION_CODE_LEN + PBKDF_SALT_LEN, MAC_OUTPUT_LEN)) - throw Integrity_Failure("CryptoBox integrity failure"); + throw Decoding_Error("CryptoBox integrity failure"); return pipe.read_all_as_string(0); } diff --git a/src/filters/bzip2/bzip2.cpp b/src/filters/bzip2/bzip2.cpp index 4cdca5355..9dcee8fdf 100644 --- a/src/filters/bzip2/bzip2.cpp +++ b/src/filters/bzip2/bzip2.cpp @@ -96,7 +96,7 @@ void Bzip_Compression::start_msg() clear(); bz = new Bzip_Stream; if(BZ2_bzCompressInit(&(bz->stream), level, 0, 0) != BZ_OK) - throw Exception("Bzip_Compression: Memory allocation error"); + throw Memory_Exhaustion(); } /* 
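Review bot: `BZ2_bzCompressInit` returns BZ_PARAM_ERROR for an out-of-range level as well as BZ_MEM_ERROR for an allocation failure, so reporting every non-BZ_OK result as Memory_Exhaustion in Bzip_Compression::start_msg misreports a configuration bug as an out-of-memory condition; the Bzip_Decompression::write hunk that follows already distinguishes the codes, and start_msg should too: `int rc = BZ2_bzCompressInit(&(bz->stream), level, 0, 0); if(rc == BZ_MEM_ERROR) throw Memory_Exhaustion(); if(rc != BZ_OK) throw Invalid_Argument("Bzip_Compression: invalid parameters");`. The same applies to Bzip_Decompression::start_msg and to the deflateInit/inflateInit checks in zlib.cpp later in this patch, where Z_STREAM_ERROR and Z_VERSION_ERROR are likewise not memory errors. The freshly allocated Bzip_Stream is not released before the throw; whether clear() reclaims it on the next call is not visible in this hunk.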
@@ -196,13 +196,15 @@ void Bzip_Decompression::write(const byte input_arr[], u32bit length) if(rc != BZ_OK && rc != BZ_STREAM_END) { clear(); + if(rc == BZ_DATA_ERROR) throw Decoding_Error("Bzip_Decompression: Data integrity error"); - if(rc == BZ_DATA_ERROR_MAGIC) + else if(rc == BZ_DATA_ERROR_MAGIC) throw Decoding_Error("Bzip_Decompression: Invalid input"); - if(rc == BZ_MEM_ERROR) - throw Exception("Bzip_Decompression: Memory allocation error"); - throw Exception("Bzip_Decompression: Unknown decompress error"); + else if(rc == BZ_MEM_ERROR) + throw Memory_Exhaustion(); + else + throw std::runtime_error("Bzip2 decompression: Unknown error"); } send(buffer, buffer.size() - bz->stream.avail_out); @@ -228,7 +230,7 @@ void Bzip_Decompression::start_msg() bz = new Bzip_Stream; if(BZ2_bzDecompressInit(&(bz->stream), 0, small_mem) != BZ_OK) - throw Exception("Bzip_Decompression: Memory allocation error"); + throw Memory_Exhaustion(); no_writes = true; } @@ -252,7 +254,7 @@ void Bzip_Decompression::end_msg() if(rc != BZ_OK && rc != BZ_STREAM_END) { clear(); - throw Exception("Bzip_Decompression: Error finalizing decompression"); + throw Decoding_Error("Bzip_Decompression: Error finalizing"); } send(buffer, buffer.size() - bz->stream.avail_out); diff --git a/src/filters/modes/cbc/cbc.cpp b/src/filters/modes/cbc/cbc.cpp index 059b239e8..7722fad2f 100644 --- a/src/filters/modes/cbc/cbc.cpp +++ b/src/filters/modes/cbc/cbc.cpp @@ -79,7 +79,7 @@ void CBC_Encryption::buffered_final(const byte input[], u32bit length) if(length % cipher->BLOCK_SIZE == 0) buffered_block(input, length); else if(length != 0) - throw Exception(name() + ": Did not pad to full blocksize"); + throw Encoding_Error(name() + ": Did not pad to full blocksize"); } void CBC_Encryption::write(const byte input[], u32bit input_length) diff --git a/src/filters/modes/cts/cts.cpp b/src/filters/modes/cts/cts.cpp index 3a15a1d68..b27b9b3c5 100644 --- a/src/filters/modes/cts/cts.cpp +++ b/src/filters/modes/cts/cts.cpp 
@@ -101,7 +101,8 @@ void CTS_Encryption::write(const byte input[], u32bit length) void CTS_Encryption::end_msg() { if(position < cipher->BLOCK_SIZE + 1) - throw Exception("CTS_Encryption: insufficient data to encrypt"); + throw Encoding_Error(name() + ": insufficient data to encrypt"); + xor_buf(state, buffer, cipher->BLOCK_SIZE); cipher->encrypt(state); SecureVector<byte> cn = state; diff --git a/src/filters/modes/eax/eax_dec.cpp b/src/filters/modes/eax/eax_dec.cpp index f41327ffc..998773697 100644 --- a/src/filters/modes/eax/eax_dec.cpp +++ b/src/filters/modes/eax/eax_dec.cpp @@ -98,13 +98,13 @@ void EAX_Decryption::do_write(const byte input[], u32bit length) void EAX_Decryption::end_msg() { if((queue_end - queue_start) != TAG_SIZE) - throw Integrity_Failure(name() + ": Message authentication failure"); + throw Decoding_Error(name() + ": Message authentication failure"); SecureVector<byte> data_mac = cmac->final(); for(u32bit j = 0; j != TAG_SIZE; ++j) if(queue[queue_start+j] != (data_mac[j] ^ nonce_mac[j] ^ header_mac[j])) - throw Integrity_Failure(name() + ": Message authentication failure"); + throw Decoding_Error(name() + ": Message authentication failure"); queue_start = queue_end = 0; } diff --git a/src/filters/modes/ecb/ecb.cpp b/src/filters/modes/ecb/ecb.cpp index c13d0fd37..2ce6576e3 100644 --- a/src/filters/modes/ecb/ecb.cpp +++ b/src/filters/modes/ecb/ecb.cpp @@ -103,7 +103,7 @@ void ECB_Encryption::buffered_final(const byte input[], u32bit input_length) if(input_length % cipher->BLOCK_SIZE == 0) buffered_block(input, input_length); else if(input_length != 0) - throw Exception(name() + ": Did not pad to full blocksize"); + throw Encoding_Error(name() + ": Did not pad to full blocksize"); } /* diff --git a/src/filters/modes/xts/xts.cpp b/src/filters/modes/xts/xts.cpp index afeea24b5..cfea0b34b 100644 --- a/src/filters/modes/xts/xts.cpp +++ b/src/filters/modes/xts/xts.cpp 
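Review bot: The tag check in EAX_Decryption::end_msg still compares the received tag byte by byte and throws on the first mismatch, so verification time depends on how many leading tag bytes an attacker got right; the commit only renames the exception. Accumulate the difference over all TAG_SIZE bytes before deciding: `byte diff = 0; for(u32bit j = 0; j != TAG_SIZE; ++j) diff |= queue[queue_start+j] ^ (data_mac[j] ^ nonce_mac[j] ^ header_mac[j]); if(diff) throw Decoding_Error(name() + ": Message authentication failure");`. The CryptoBox hunk above uses same_mem for its MAC check; confirm that helper does not return early before relying on it here. Using one Decoding_Error message for both the length check and the mismatch, as the hunk does, is right since it tells the caller nothing about which check failed.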
@@ -168,7 +168,7 @@ void XTS_Encryption::buffered_block(const byte input[], u32bit length) void XTS_Encryption::buffered_final(const byte input[], u32bit length) { if(length <= cipher->BLOCK_SIZE) - throw Exception("XTS_Encryption: insufficient data to encrypt"); + throw Encoding_Error("XTS_Encryption: insufficient data to encrypt"); if(length % cipher->BLOCK_SIZE == 0) { @@ -323,7 +323,7 @@ void XTS_Decryption::buffered_block(const byte input[], u32bit input_length) void XTS_Decryption::buffered_final(const byte input[], u32bit input_length) { if(input_length <= cipher->BLOCK_SIZE) - throw Exception("XTS_Decryption: insufficient data to decrypt"); + throw Decoding_Error("XTS_Decryption: insufficient data to decrypt"); if(input_length % cipher->BLOCK_SIZE == 0) { diff --git a/src/filters/pipe_rw.cpp b/src/filters/pipe_rw.cpp index 756a1cf09..de77c6b43 100644 --- a/src/filters/pipe_rw.cpp +++ b/src/filters/pipe_rw.cpp @@ -34,7 +34,7 @@ Pipe::message_id Pipe::get_message_no(const std::string& func_name, void Pipe::write(const byte input[], u32bit length) { if(!inside_msg) - throw Exception("Cannot write to a Pipe while it is not processing"); + throw Invalid_State("Cannot write to a Pipe while it is not processing"); pipe->write(input, length); } diff --git a/src/filters/pk_filts/pk_filts.cpp b/src/filters/pk_filts/pk_filts.cpp index d604436e0..05b45227f 100644 --- a/src/filters/pk_filts/pk_filts.cpp +++ b/src/filters/pk_filts/pk_filts.cpp @@ -73,7 +73,7 @@ void PK_Verifier_Filter::write(const byte input[], u32bit length) void PK_Verifier_Filter::end_msg() { if(signature.empty()) - throw Exception("PK_Verifier_Filter: No signature to check against"); + throw Invalid_State("PK_Verifier_Filter: No signature to check against"); bool is_valid = verifier->check_signature(signature, signature.size()); send((is_valid ? 1 : 0)); } diff --git a/src/filters/zlib/zlib.cpp b/src/filters/zlib/zlib.cpp index 246e32924..171caa73f 100644 --- a/src/filters/zlib/zlib.cpp 
+++ b/src/filters/zlib/zlib.cpp @@ -95,7 +95,7 @@ void Zlib_Compression::start_msg() clear(); zlib = new Zlib_Stream; if(deflateInit(&(zlib->stream), level) != Z_OK) - throw Exception("Zlib_Compression: Memory allocation error"); + throw Memory_Exhaustion(); } /* @@ -187,7 +187,7 @@ void Zlib_Decompression::start_msg() clear(); zlib = new Zlib_Stream; if(inflateInit(&(zlib->stream)) != Z_OK) - throw Exception("Zlib_Decompression: Memory allocation error"); + throw Memory_Exhaustion(); } /* @@ -215,11 +215,12 @@ void Zlib_Decompression::write(const byte input_arr[], u32bit length) clear(); if(rc == Z_DATA_ERROR) throw Decoding_Error("Zlib_Decompression: Data integrity error"); - if(rc == Z_NEED_DICT) + else if(rc == Z_NEED_DICT) throw Decoding_Error("Zlib_Decompression: Need preset dictionary"); - if(rc == Z_MEM_ERROR) - throw Exception("Zlib_Decompression: Memory allocation error"); - throw Exception("Zlib_Decompression: Unknown decompress error"); + else if(rc == Z_MEM_ERROR) + throw Memory_Exhaustion(); + else + throw std::runtime_error("Zlib decompression: Unknown error"); } send(buffer.begin(), buffer.size() - zlib->stream.avail_out); @@ -258,7 +259,7 @@ void Zlib_Decompression::end_msg() if(rc != Z_OK && rc != Z_STREAM_END) { clear(); - throw Exception("Zlib_Decompression: Error finalizing decompression"); + throw Decoding_Error("Zlib_Decompression: Error finalizing"); } send(buffer.begin(), buffer.size() - zlib->stream.avail_out); diff --git a/src/math/gfpmath/point_gfp.cpp b/src/math/gfpmath/point_gfp.cpp index f95add9f7..4203a3db3 100644 --- a/src/math/gfpmath/point_gfp.cpp +++ b/src/math/gfpmath/point_gfp.cpp @@ -921,7 +921,7 @@ SecureVector<byte> EC2OSP(const PointGFp& point, byte format) } else { - throw Format_Error("illegal point encoding format specification"); + throw Invalid_Argument("illegal point encoding format specification"); } return result; } 
@@ -1078,7 +1078,7 @@ PointGFp OS2ECP(MemoryRegion<byte> const& os, const CurveGFp& curve) } break; default: - throw Format_Error("encountered illegal format specification while decoding point"); + throw Invalid_Argument("encountered illegal format specification while decoding point"); } z = GFpElement(curve.get_p(), BigInt(1)); //assert((x.is_trf_to_mres() && x.is_use_montgm()) || !x.is_trf_to_mres()); diff --git a/src/math/numbertheory/powm_mnt.cpp b/src/math/numbertheory/powm_mnt.cpp index e356387c0..2d18ccdef 100644 --- a/src/math/numbertheory/powm_mnt.cpp +++ b/src/math/numbertheory/powm_mnt.cpp @@ -156,10 +156,9 @@ BigInt Montgomery_Exponentiator::execute() const Montgomery_Exponentiator::Montgomery_Exponentiator(const BigInt& mod, Power_Mod::Usage_Hints hints) { - if(!mod.is_positive()) - throw Exception("Montgomery_Exponentiator: modulus must be positive"); - if(mod.is_even()) - throw Exception("Montgomery_Exponentiator: modulus must be odd"); + // Montgomery reduction only works for positive odd moduli + if(!mod.is_positive() || mod.is_even()) + throw Invalid_Argument("Montgomery_Exponentiator: invalid modulus"); window_bits = 0; this->hints = hints; diff --git a/src/mutex/pthreads/mux_pthr.cpp b/src/mutex/pthreads/mux_pthr.cpp index 75a116fe8..165132239 100644 --- a/src/mutex/pthreads/mux_pthr.cpp +++ b/src/mutex/pthreads/mux_pthr.cpp @@ -28,19 +28,19 @@ Mutex* Pthread_Mutex_Factory::make() void lock() { if(pthread_mutex_lock(&mutex) != 0) - throw Exception("Pthread_Mutex::lock: Error occured"); + throw Invalid_State("Pthread_Mutex::lock: Error occured"); } void unlock() { if(pthread_mutex_unlock(&mutex) != 0) - throw Exception("Pthread_Mutex::unlock: Error occured"); + throw Invalid_State("Pthread_Mutex::unlock: Error occured"); } Pthread_Mutex() { if(pthread_mutex_init(&mutex, 0) != 0) - throw Exception("Pthread_Mutex: initialization failed"); + throw Invalid_State("Pthread_Mutex: initialization failed"); } ~Pthread_Mutex() 
diff --git a/src/pk_pad/eme1/eme1.cpp b/src/pk_pad/eme1/eme1.cpp index 13f68f8e4..d99ffaf58 100644 --- a/src/pk_pad/eme1/eme1.cpp +++ b/src/pk_pad/eme1/eme1.cpp @@ -21,7 +21,7 @@ SecureVector<byte> EME1::pad(const byte in[], u32bit in_length, key_length /= 8; if(in_length > key_length - 2*HASH_LENGTH - 1) - throw Exception("EME1: Input is too large"); + throw Invalid_Argument("EME1: Input is too large"); SecureVector<byte> out(key_length); diff --git a/src/pubkey/dl_group/dl_group.cpp b/src/pubkey/dl_group/dl_group.cpp index a2e239783..7940e69b2 100644 --- a/src/pubkey/dl_group/dl_group.cpp +++ b/src/pubkey/dl_group/dl_group.cpp @@ -193,7 +193,7 @@ const BigInt& DL_Group::get_q() const { init_check(); if(q == 0) - throw Format_Error("DLP group has no q prime specified"); + throw Invalid_State("DLP group has no q prime specified"); return q; } @@ -325,7 +325,7 @@ BigInt DL_Group::make_dsa_generator(const BigInt& p, const BigInt& q) } if(g == 1) - throw Exception("DL_Group: Couldn't create a suitable generator"); + throw Internal_Error("DL_Group: Couldn't create a suitable generator"); return g; } diff --git a/src/pubkey/dlies/dlies.cpp b/src/pubkey/dlies/dlies.cpp index 3a3ab52ee..6ef3292e1 100644 --- a/src/pubkey/dlies/dlies.cpp +++ b/src/pubkey/dlies/dlies.cpp @@ -127,7 +127,7 @@ SecureVector<byte> DLIES_Decryptor::dec(const byte msg[], u32bit length) const mac->update(0); SecureVector<byte> T2 = mac->final(); if(T != T2) - throw Integrity_Failure("DLIES: message authentication failed"); + throw Decoding_Error("DLIES: message authentication failed"); xor_buf(C, K.begin() + mac_keylen, C.size()); diff --git a/src/pubkey/dsa/dsa.cpp b/src/pubkey/dsa/dsa.cpp index b0688ae0d..5be3e1d48 100644 --- a/src/pubkey/dsa/dsa.cpp +++ b/src/pubkey/dsa/dsa.cpp @@ -97,6 +97,8 @@ SecureVector<byte> DSA_PrivateKey::sign(const byte in[], u32bit length, { const BigInt& q = group_q(); + rng.add_entropy(in, length); + BigInt k; do k.randomize(rng, q.bits()); 
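Review bot: `key_length - 2*HASH_LENGTH - 1` is evaluated before the comparison, and since in_length is u32bit the other operands are presumably unsigned too, so a key_length (after `/= 8`) smaller than 2*HASH_LENGTH + 1 wraps to a huge bound and the size check passes for any input; changing the exception type does not cover that case. Guard the subtraction first: `if(key_length < 2*HASH_LENGTH + 1 || in_length > key_length - 2*HASH_LENGTH - 1) throw Invalid_Argument("EME1: Input is too large");`. EME1::pad's parameter list starts before this hunk, so the declared type of key_length is not visible here.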
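Review bot: The added `rng.add_entropy(in, length);` in DSA_PrivateKey::sign carries no comment saying why the message is mixed into the RNG before k is drawn, and a later reader could reasonably remove it as noise. Record the intent, e.g. `// Mix the message into the RNG state so a stalled or repeating RNG still yields a different k per message; a reused k exposes the private key`. It is a mitigation rather than a guarantee — with an unseeded RNG k stays predictable — so the comment should not overstate it. sign()'s body continues past the end of the hunk.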
diff --git a/src/pubkey/pubkey.cpp b/src/pubkey/pubkey.cpp index 44e31159c..9b5c9180b 100644 --- a/src/pubkey/pubkey.cpp +++ b/src/pubkey/pubkey.cpp @@ -73,7 +73,7 @@ PK_Encryptor_MR_with_EME::enc(const byte msg[], message.set(msg, length); if(8*(message.size() - 1) + high_bit(message[0]) > key.max_input_bits()) - throw Exception("PK_Encryptor_MR_with_EME: Input is too large"); + throw Invalid_Argument("PK_Encryptor_MR_with_EME: Input is too large"); return key.encrypt(message, message.size(), rng); } @@ -113,11 +113,11 @@ SecureVector<byte> PK_Decryptor_MR_with_EME::dec(const byte msg[], } catch(Invalid_Argument) { - throw Exception("PK_Decryptor_MR_with_EME: Input is invalid"); + throw Decoding_Error("PK_Decryptor_MR_with_EME: Input is invalid"); } catch(Decoding_Error) { - throw Exception("PK_Decryptor_MR_with_EME: Input is invalid"); + throw Decoding_Error("PK_Decryptor_MR_with_EME: Input is invalid"); } } diff --git a/src/s2k/pbkdf1/pbkdf1.cpp b/src/s2k/pbkdf1/pbkdf1.cpp index 04e3aa453..fcc5b9a97 100644 --- a/src/s2k/pbkdf1/pbkdf1.cpp +++ b/src/s2k/pbkdf1/pbkdf1.cpp @@ -18,10 +18,10 @@ OctetString PKCS5_PBKDF1::derive(u32bit key_len, u32bit iterations) const { if(iterations == 0) - throw Invalid_Argument("PKCS#5 PBKDF1: Invalid iteration count"); + throw Invalid_Argument("PKCS5_PBKDF1: Invalid iteration count"); if(key_len > hash->OUTPUT_LENGTH) - throw Exception("PKCS#5 PBKDF1: Requested output length too long"); + throw Invalid_Argument("PKCS5_PBKDF1: Requested output length too long"); hash->update(passphrase); hash->update(salt, salt_size); diff --git a/src/stream/stream_cipher.h b/src/stream/stream_cipher.h index 29c16c8b5..cb6fb3481 100644 --- a/src/stream/stream_cipher.h +++ b/src/stream/stream_cipher.h 
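Review bot: After this patch Decoding_Error derives from Invalid_Argument (exceptn.h hunk below), so the first `catch(Invalid_Argument)` in PK_Decryptor_MR_with_EME::dec already matches a Decoding_Error and the second handler is unreachable; both also catch by value, which slices and copies the exception. Collapse them into one `catch(const Invalid_Argument&) { throw Decoding_Error("PK_Decryptor_MR_with_EME: Input is invalid"); }`. Reporting the same message for both failure kinds is the right choice, since the caller learns nothing about which unpadding check failed; whether the two paths take the same time is a separate question this hunk does not answer. The enclosing dec() begins before the hunk.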
@@ -42,8 +42,8 @@ class BOTAN_DLL StreamCipher : public SymmetricAlgorithm virtual void set_iv(const byte[], u32bit iv_len) { if(iv_len) - throw Exception("The stream cipher " + name() + - " does not support resyncronization"); + throw Invalid_Argument("The stream cipher " + name() + + " does not support resyncronization"); } /** diff --git a/src/utils/exceptn.h b/src/utils/exceptn.h index d106de1c0..86efebc7c 100644 --- a/src/utils/exceptn.h +++ b/src/utils/exceptn.h @@ -1,6 +1,6 @@ /* * Exceptions -* (C) 1999-2007 Jack Lloyd +* (C) 1999-2009 Jack Lloyd * * Distributed under the terms of the Botan license */ @@ -16,32 +16,8 @@ namespace Botan { -/* -* Exception Base Class -*/ -class BOTAN_DLL Exception : public std::exception - { - public: - Exception(const std::string& m = "Unknown error") : - msg("Botan: " + m) - {} - - const char* what() const throw() { return msg.c_str(); } - - virtual ~Exception() throw() {} - private: - std::string msg; - }; - -/* -* Invalid_Argument Exception -*/ -struct BOTAN_DLL Invalid_Argument : public Exception - { - Invalid_Argument(const std::string& err = "") : - Exception(err) - {} - }; +typedef std::runtime_error Exception; +typedef std::invalid_argument Invalid_Argument; /* * Invalid_State Exception @@ -53,16 +29,6 @@ struct BOTAN_DLL Invalid_State : public Exception {} }; -/* -* Format_Error Exception -*/ -struct BOTAN_DLL Format_Error : public Exception - { - Format_Error(const std::string& err = "") : - Exception(err) - {} - }; - /* * Lookup_Error Exception */ 
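Review bot: `typedef std::invalid_argument Invalid_Argument;` moves Invalid_Argument, and through the hunk at @@ -150,29 +116,29 @@ also Invalid_Algorithm_Name, Encoding_Error and Decoding_Error, under std::logic_error rather than std::runtime_error, so a handler written as `catch(const Exception&)` or `catch(const std::runtime_error&)` no longer sees them even though Decoding_Error is raised for untrusted input at runtime. Unless every such handler has been audited, keeping Invalid_Argument as a small struct deriving from Exception would preserve the catch hierarchy; failing that, the header should state that Invalid_Argument-derived errors are not Exceptions. The removed class also prefixed each message with "Botan: " and supplied a default text, both of which disappear with the typedef, so anything matching on what() output changes. The typedefs need `<stdexcept>`; whether it is already included is outside the hunk.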
@@ -150,29 +116,29 @@ struct BOTAN_DLL Algorithm_Not_Found : public Lookup_Error /* * Invalid_Algorithm_Name Exception */ -struct BOTAN_DLL Invalid_Algorithm_Name : public Format_Error +struct BOTAN_DLL Invalid_Algorithm_Name : public Invalid_Argument { Invalid_Algorithm_Name(const std::string& name): - Format_Error("Invalid algorithm name: " + name) + Invalid_Argument("Invalid algorithm name: " + name) {} }; /* * Encoding_Error Exception */ -struct BOTAN_DLL Encoding_Error : public Format_Error +struct BOTAN_DLL Encoding_Error : public Invalid_Argument { Encoding_Error(const std::string& name) : - Format_Error("Encoding error: " + name) {} + Invalid_Argument("Encoding error: " + name) {} }; /* * Decoding_Error Exception */ -struct BOTAN_DLL Decoding_Error : public Format_Error +struct BOTAN_DLL Decoding_Error : public Invalid_Argument { Decoding_Error(const std::string& name) : - Format_Error("Decoding error: " + name) {} + Invalid_Argument("Decoding error: " + name) {} }; /* 
@@ -195,37 +161,22 @@ struct BOTAN_DLL Stream_IO_Error : public Exception }; /* -* Configuration Error Exception -*/ -struct BOTAN_DLL Config_Error : public Format_Error - { - Config_Error(const std::string& err) : - Format_Error("Config error: " + err) - {} - - Config_Error(const std::string& err, u32bit line) : - Format_Error("Config error at line " + to_string(line) + ": " + err) - {} - }; - -/* -* Integrity Failure Exception +* Self Test Failure Exception */ -struct BOTAN_DLL Integrity_Failure : public Internal_Error +struct BOTAN_DLL Self_Test_Failure : public Internal_Error { - Integrity_Failure(const std::string& err) : - Internal_Error("Integrity failure: " + err) + Self_Test_Failure(const std::string& err) : + Internal_Error("Self test failed: " + err) {} }; /* -* Self Test Failure Exception +* Memory Allocation Exception */ -struct BOTAN_DLL Self_Test_Failure : public Internal_Error +struct BOTAN_DLL Memory_Exhaustion : public std::bad_alloc { - Self_Test_Failure(const std::string& err) : - Internal_Error("Self test failed: " + err) - {} + const char* what() const throw() + { return "Ran out of memory, allocation failed"; } }; } diff --git a/src/utils/parsing.cpp b/src/utils/parsing.cpp index 58a8e0b38..4b99ac1ec 100644 --- a/src/utils/parsing.cpp +++ b/src/utils/parsing.cpp @@ -168,7 +168,7 @@ std::vector<std::string> split_on(const std::string& str, char delim) } if(substr == "") - throw Format_Error("Unable to split string: " + str); + throw Invalid_Argument("Unable to split string: " + str); elems.push_back(substr); return elems; -- cgit v1.2.3 From 7667619fa001b4b9dd9df663fc01fa7c31e5f4f9 Mon Sep 17 00:00:00 2001 
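Review bot: Memory_Exhaustion::what overrides a virtual function of std::bad_alloc but carries no `virtual` keyword, and the struct sits outside the Exception hierarchy, so `catch(const Exception&)` handlers will not see it; both look deliberate but neither is stated. Suggest `virtual const char* what() const throw()` and a one-line comment above the struct such as `// Not an Exception: derives from std::bad_alloc so generic allocation handlers catch it`.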
From: lloyd <lloyd@randombit.net> Date: Tue, 2 Feb 2010 10:49:43 +0000 Subject: Move the get_byte template to its own header, because many files including loadstor.h actually just needed get_byte and nothing else. --- src/asn1/ber_dec.cpp | 2 +- src/asn1/der_enc.cpp | 4 ++-- src/checksum/crc24/crc24.cpp | 2 +- src/constructs/aont/package.cpp | 2 +- src/constructs/cryptobox/cryptobox.cpp | 2 +- src/constructs/fpe/fpe.cpp | 2 +- src/hash/md4_ia32/md4_ia32.cpp | 1 - src/hash/md5_ia32/md5_ia32.cpp | 1 - src/hash/sha1_ia32/sha1_ia32.cpp | 1 - src/kdf/kdf2/kdf2.cpp | 2 +- src/kdf/mgf1/mgf1.cpp | 2 +- src/math/bigint/bigint.cpp | 2 +- src/rng/hmac_rng/hmac_rng.cpp | 2 +- src/rng/randpool/randpool.cpp | 2 +- src/s2k/pbkdf2/pbkdf2.cpp | 2 +- src/utils/cpuid.cpp | 2 +- src/utils/get_byte.h | 27 +++++++++++++++++++++++++++ src/utils/info.txt | 1 + src/utils/loadstor.h | 11 +---------- src/utils/parsing.cpp | 2 +- 20 files changed, 44 insertions(+), 28 deletions(-) create mode 100644 src/utils/get_byte.h (limited to 'src/math') diff --git a/src/asn1/ber_dec.cpp b/src/asn1/ber_dec.cpp index b34bf8ca2..66a27dd4e 100644 --- a/src/asn1/ber_dec.cpp +++ b/src/asn1/ber_dec.cpp @@ -7,7 +7,7 @@ #include <botan/ber_dec.h> #include <botan/bigint.h> -#include <botan/loadstor.h> +#include <botan/get_byte.h> namespace Botan { diff --git a/src/asn1/der_enc.cpp b/src/asn1/der_enc.cpp index 3c318c291..e410292bb 100644 --- a/src/asn1/der_enc.cpp +++ b/src/asn1/der_enc.cpp @@ -8,9 +8,9 @@ #include <botan/der_enc.h> #include <botan/asn1_int.h> #include <botan/bigint.h> -#include <botan/loadstor.h> -#include <botan/internal/bit_ops.h> +#include <botan/get_byte.h> #include <botan/parsing.h> +#include <botan/internal/bit_ops.h> #include <algorithm> namespace Botan { diff --git a/src/checksum/crc24/crc24.cpp b/src/checksum/crc24/crc24.cpp index e50b4d33e..5441020f5 100644 --- a/src/checksum/crc24/crc24.cpp +++ b/src/checksum/crc24/crc24.cpp 
@@ -6,7 +6,7 @@ */ #include <botan/crc24.h> -#include <botan/loadstor.h> +#include <botan/get_byte.h> namespace Botan { diff --git a/src/constructs/aont/package.cpp b/src/constructs/aont/package.cpp index 8d2d7257d..5d1e674ca 100644 --- a/src/constructs/aont/package.cpp +++ b/src/constructs/aont/package.cpp @@ -9,7 +9,7 @@ #include <botan/package.h> #include <botan/filters.h> #include <botan/ctr.h> -#include <botan/loadstor.h> +#include <botan/get_byte.h> #include <botan/internal/xor_buf.h> namespace Botan { diff --git a/src/constructs/cryptobox/cryptobox.cpp b/src/constructs/cryptobox/cryptobox.cpp index c862b5c50..371b52e66 100644 --- a/src/constructs/cryptobox/cryptobox.cpp +++ b/src/constructs/cryptobox/cryptobox.cpp @@ -13,7 +13,7 @@ #include <botan/hmac.h> #include <botan/pbkdf2.h> #include <botan/pem.h> -#include <botan/loadstor.h> +#include <botan/get_byte.h> #include <botan/mem_ops.h> namespace Botan { diff --git a/src/constructs/fpe/fpe.cpp b/src/constructs/fpe/fpe.cpp index 86e56625d..a0b3274b5 100644 --- a/src/constructs/fpe/fpe.cpp +++ b/src/constructs/fpe/fpe.cpp @@ -12,7 +12,7 @@ #include <botan/numthry.h> #include <botan/hmac.h> #include <botan/sha2_32.h> -#include <botan/loadstor.h> +#include <botan/get_byte.h> #include <stdexcept> namespace Botan { diff --git a/src/hash/md4_ia32/md4_ia32.cpp b/src/hash/md4_ia32/md4_ia32.cpp index 12fe71da4..8a60d8f0e 100644 --- a/src/hash/md4_ia32/md4_ia32.cpp +++ b/src/hash/md4_ia32/md4_ia32.cpp @@ -6,7 +6,6 @@ */ #include <botan/md4_ia32.h> -#include <botan/loadstor.h> namespace Botan { diff --git a/src/hash/md5_ia32/md5_ia32.cpp b/src/hash/md5_ia32/md5_ia32.cpp index 443569b3b..affd0b8f7 100644 --- a/src/hash/md5_ia32/md5_ia32.cpp +++ b/src/hash/md5_ia32/md5_ia32.cpp @@ -6,7 +6,6 @@ */ #include <botan/md5_ia32.h> -#include <botan/loadstor.h> namespace Botan { diff --git a/src/hash/sha1_ia32/sha1_ia32.cpp b/src/hash/sha1_ia32/sha1_ia32.cpp index 0fa0b6bf2..6eecdab56 100644 --- a/src/hash/sha1_ia32/sha1_ia32.cpp 
+++ b/src/hash/sha1_ia32/sha1_ia32.cpp @@ -6,7 +6,6 @@ */ #include <botan/sha1_ia32.h> -#include <botan/loadstor.h> namespace Botan { diff --git a/src/kdf/kdf2/kdf2.cpp b/src/kdf/kdf2/kdf2.cpp index 167f64436..7cc1d7416 100644 --- a/src/kdf/kdf2/kdf2.cpp +++ b/src/kdf/kdf2/kdf2.cpp @@ -6,7 +6,7 @@ */ #include <botan/kdf2.h> -#include <botan/loadstor.h> +#include <botan/get_byte.h> namespace Botan { diff --git a/src/kdf/mgf1/mgf1.cpp b/src/kdf/mgf1/mgf1.cpp index a8c7e5fa3..340e87a7c 100644 --- a/src/kdf/mgf1/mgf1.cpp +++ b/src/kdf/mgf1/mgf1.cpp @@ -6,7 +6,7 @@ */ #include <botan/mgf1.h> -#include <botan/loadstor.h> +#include <botan/get_byte.h> #include <botan/exceptn.h> #include <botan/internal/xor_buf.h> #include <algorithm> diff --git a/src/math/bigint/bigint.cpp b/src/math/bigint/bigint.cpp index 70bb11a83..09ac2a75d 100644 --- a/src/math/bigint/bigint.cpp +++ b/src/math/bigint/bigint.cpp @@ -7,7 +7,7 @@ #include <botan/bigint.h> #include <botan/internal/mp_core.h> -#include <botan/loadstor.h> +#include <botan/get_byte.h> #include <botan/parsing.h> #include <botan/internal/rounding.h> diff --git a/src/rng/hmac_rng/hmac_rng.cpp b/src/rng/hmac_rng/hmac_rng.cpp index 995ec9259..84a7b1c13 100644 --- a/src/rng/hmac_rng/hmac_rng.cpp +++ b/src/rng/hmac_rng/hmac_rng.cpp @@ -6,7 +6,7 @@ */ #include <botan/hmac_rng.h> -#include <botan/loadstor.h> +#include <botan/get_byte.h> #include <botan/internal/xor_buf.h> #include <botan/internal/stl_util.h> #include <algorithm> diff --git a/src/rng/randpool/randpool.cpp b/src/rng/randpool/randpool.cpp index f6479b2dd..9a4d77e55 100644 --- a/src/rng/randpool/randpool.cpp +++ b/src/rng/randpool/randpool.cpp @@ -6,7 +6,7 @@ */ #include <botan/randpool.h> -#include <botan/loadstor.h> +#include <botan/get_byte.h> #include <botan/internal/xor_buf.h> #include <botan/internal/stl_util.h> #include <algorithm> diff --git a/src/s2k/pbkdf2/pbkdf2.cpp b/src/s2k/pbkdf2/pbkdf2.cpp index e7aebbfe2..f1fc6e29f 100644 --- a/src/s2k/pbkdf2/pbkdf2.cpp 
+++ b/src/s2k/pbkdf2/pbkdf2.cpp @@ -6,7 +6,7 @@ */ #include <botan/pbkdf2.h> -#include <botan/loadstor.h> +#include <botan/get_byte.h> #include <botan/internal/xor_buf.h> namespace Botan { diff --git a/src/utils/cpuid.cpp b/src/utils/cpuid.cpp index 924d29b1b..8d801b75f 100644 --- a/src/utils/cpuid.cpp +++ b/src/utils/cpuid.cpp @@ -7,7 +7,7 @@ #include <botan/cpuid.h> #include <botan/types.h> -#include <botan/loadstor.h> +#include <botan/get_byte.h> #include <botan/mem_ops.h> #if defined(BOTAN_TARGET_OS_IS_DARWIN) diff --git a/src/utils/get_byte.h b/src/utils/get_byte.h new file mode 100644 index 000000000..fce87af83 --- /dev/null +++ b/src/utils/get_byte.h @@ -0,0 +1,27 @@ +/* +* Read out bytes +* (C) 1999-2007 Jack Lloyd +* +* Distributed under the terms of the Botan license +*/ + +#ifndef BOTAN_GET_BYTE_H__ +#define BOTAN_GET_BYTE_H__ + +#include <botan/types.h> + +namespace Botan { + +/* +* Byte Extraction Function +*/ +template<typename T> inline byte get_byte(u32bit byte_num, T input) + { + return static_cast<byte>( + input >> ((sizeof(T)-1-(byte_num&(sizeof(T)-1))) << 3) + ); + } + +} + +#endif diff --git a/src/utils/info.txt b/src/utils/info.txt index 193d63a87..2fb3e79a5 100644 --- a/src/utils/info.txt +++ b/src/utils/info.txt @@ -35,6 +35,7 @@ time.h types.h ui.h version.h +get_byte.h </header:public> <libs> diff --git a/src/utils/loadstor.h b/src/utils/loadstor.h index bd2acc87d..ffd27540d 100644 --- a/src/utils/loadstor.h +++ b/src/utils/loadstor.h @@ -11,6 +11,7 @@ #include <botan/types.h> #include <botan/bswap.h> +#include <botan/get_byte.h> #include <cstring> #if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK @@ -37,16 +38,6 @@ namespace Botan { -/* -* Byte Extraction Function -*/ -template<typename T> inline byte get_byte(u32bit byte_num, T input) - { - return static_cast<byte>( - input >> ((sizeof(T)-1-(byte_num&(sizeof(T)-1))) << 3) - ); - } - /* * Byte to Word Conversions */ 
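Review bot: The header comment on get_byte says nothing about its conventions: byte 0 is the most significant byte (the shift amount is `(sizeof(T)-1-byte_num) << 3`), and `byte_num & (sizeof(T)-1)` silently wraps an out-of-range index instead of rejecting it, which is only correct because sizeof(T) is a power of two for the integer types this is instantiated with. A right shift of a negative signed T is implementation-defined, so the template is only safe for unsigned T. Replace the comment with one stating all three points: big-endian byte numbering, index taken modulo sizeof(T), unsigned T expected.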
diff --git a/src/utils/parsing.cpp b/src/utils/parsing.cpp index 4b99ac1ec..e8259ac52 100644 --- a/src/utils/parsing.cpp +++ b/src/utils/parsing.cpp @@ -8,7 +8,7 @@ #include <botan/parsing.h> #include <botan/exceptn.h> #include <botan/charset.h> -#include <botan/loadstor.h> +#include <botan/get_byte.h> namespace Botan { -- cgit v1.2.3 From 899d91f8f3f53cf0c19389e2a3667d93974a8a53 Mon Sep 17 00:00:00 2001 From: lloyd <lloyd@randombit.net> Date: Wed, 17 Feb 2010 03:17:10 +0000 Subject: Remove almost entirely unnecessary friend access from GFpElement to GFpModulus. Doing this pointed out what is probably a threading/race bug as well: assigning to a single GFpElement causes it to reset the GFpModulus to new values, but of course the other GFpElements don't know about this. Sharing the GFpModulus was a really really bad design choice by the InSiTo folks and it needs to die. That might end up wasting a bit of memory, but it will probably fix a lot of nasty bugs, and also remove the use of atomic operations which in the long run is going to hurt performance a lot worse than some extra cache use. --- src/math/gfpmath/gfp_element.cpp | 94 ++++++++++++++++++---------------------- src/math/gfpmath/gfp_element.h | 4 -- src/math/gfpmath/gfp_modulus.h | 11 ++++- 3 files changed, 50 insertions(+), 59 deletions(-) (limited to 'src/math') diff --git a/src/math/gfpmath/gfp_element.cpp b/src/math/gfpmath/gfp_element.cpp index 233f2e4cd..c76a4d020 100644 --- a/src/math/gfpmath/gfp_element.cpp +++ b/src/math/gfpmath/gfp_element.cpp 
@@ -173,14 +173,14 @@ GFpElement::GFpElement(const BigInt& p, const BigInt& value, bool use_montgm) { assert(mp_mod.get() == 0); mp_mod = std::tr1::shared_ptr<GFpModulus>(new GFpModulus(p)); - assert(mp_mod->m_p_dash == 0); + assert(mp_mod->get_p_dash() == 0); if(m_use_montgm) ensure_montgm_precomp(); } GFpElement::GFpElement(std::tr1::shared_ptr<GFpModulus> const mod, const BigInt& value, bool use_montgm) : mp_mod(), - m_value(value % mod->m_p), + m_value(value % mod->get_p()), m_use_montgm(use_montgm), m_is_trf(false) { @@ -218,29 +218,19 @@ void GFpElement::turn_off_sp_red_mul() const void GFpElement::ensure_montgm_precomp() const { - if((!mp_mod->m_r.is_zero()) && (!mp_mod->m_r_inv.is_zero()) && (!mp_mod->m_p_dash.is_zero())) + if((!mp_mod->get_r().is_zero()) && (!mp_mod->get_r_inv().is_zero()) && (!mp_mod->get_p_dash().is_zero())) { // values are already set, nothing more to do } else { - BigInt tmp_r(montgm_calc_r_oddmod(mp_mod->m_p)); + BigInt tmp_r(montgm_calc_r_oddmod(mp_mod->get_p())); - BigInt tmp_r_inv(inverse_mod(tmp_r, mp_mod->m_p)); + BigInt tmp_r_inv(inverse_mod(tmp_r, mp_mod->get_p())); - BigInt tmp_p_dash(montgm_calc_m_dash(tmp_r, mp_mod->m_p, tmp_r_inv)); + BigInt tmp_p_dash(montgm_calc_m_dash(tmp_r, mp_mod->get_p(), tmp_r_inv)); - mp_mod->m_r.grow_reg(tmp_r.size()); - mp_mod->m_r_inv.grow_reg(tmp_r_inv.size()); - mp_mod->m_p_dash.grow_reg(tmp_p_dash.size()); - - mp_mod->m_r = tmp_r; - mp_mod->m_r_inv = tmp_r_inv; - mp_mod->m_p_dash = tmp_p_dash; - - assert(!mp_mod->m_r.is_zero()); - assert(!mp_mod->m_r_inv.is_zero()); - assert(!mp_mod->m_p_dash.is_zero()); + mp_mod->reset_values(tmp_p_dash, tmp_r, tmp_r_inv); } } 
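Review bot: Replacing the three assignments with `mp_mod->reset_values(tmp_p_dash, tmp_r, tmp_r_inv);` also drops the three post-checks the old code ran after storing, `assert(!mp_mod->get_p_dash().is_zero());` and its siblings; if they are still wanted, re-add them after the call. The call still writes into the GFpModulus that other GFpElements may share through mp_mod, with no synchronization, which the commit message identifies as the underlying race; a comment at the call site such as `// writes to a modulus possibly shared with other elements` would flag that until the sharing is removed. The same shared write occurs in operator= at @@ -419,13 +409,11 @@.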
@@ -257,27 +247,27 @@ void GFpElement::trf_to_mres() const throw Illegal_Transformation("GFpElement is not allowed to be transformed to m-residue"); } assert(m_is_trf == false); - assert(!mp_mod->m_r_inv.is_zero()); - assert(!mp_mod->m_p_dash.is_zero()); - m_value = montg_trf_to_mres(m_value, mp_mod->m_r, mp_mod->m_p); + assert(!mp_mod->get_r_inv().is_zero()); + assert(!mp_mod->get_p_dash().is_zero()); + m_value = montg_trf_to_mres(m_value, mp_mod->get_r(), mp_mod->get_p()); m_is_trf = true; } void GFpElement::trf_to_ordres() const { assert(m_is_trf == true); - m_value = montg_trf_to_ordres(m_value, mp_mod->m_p, mp_mod->m_r_inv); + m_value = montg_trf_to_ordres(m_value, mp_mod->get_p(), mp_mod->get_r_inv()); m_is_trf = false; } bool GFpElement::align_operands_res(const GFpElement& lhs, const GFpElement& rhs) //static { - assert(lhs.mp_mod->m_p == rhs.mp_mod->m_p); + assert(lhs.mp_mod->get_p() == rhs.mp_mod->get_p()); if(lhs.m_use_montgm && rhs.m_use_montgm) { - assert(rhs.mp_mod->m_p_dash == lhs.mp_mod->m_p_dash); - assert(rhs.mp_mod->m_r == lhs.mp_mod->m_r); - assert(rhs.mp_mod->m_r_inv == lhs.mp_mod->m_r_inv); + assert(rhs.mp_mod->get_p_dash() == lhs.mp_mod->get_p_dash()); + assert(rhs.mp_mod->get_r() == lhs.mp_mod->get_r()); + assert(rhs.mp_mod->get_r_inv() == lhs.mp_mod->get_r_inv()); if(!lhs.m_is_trf && !rhs.m_is_trf) { return false; @@ -327,7 +317,7 @@ bool GFpElement::is_trf_to_mres() const const BigInt& GFpElement::get_p() const { - return (mp_mod->m_p); + return (mp_mod->get_p()); } const BigInt& GFpElement::get_value() const @@ -382,7 +372,7 @@ const GFpElement& GFpElement::operator=(const GFpElement& other) m_is_trf = other.m_is_trf; return *this; } - if(mp_mod->m_p != other.mp_mod->m_p) + if(mp_mod->get_p() != other.mp_mod->get_p()) { // the moduli are different, this is a special case // which will not occur in usual applications, 
@@ -419,13 +409,11 @@ const GFpElement& GFpElement::operator=(const GFpElement& other) { // fetch them for our sharing group // exc. safety note: grow first - mp_mod->m_p_dash.grow_reg(other.mp_mod->m_p_dash.size()); - mp_mod->m_r.grow_reg(other.mp_mod->m_r.size()); - mp_mod->m_r_inv.grow_reg(other.mp_mod->m_r_inv.size()); - mp_mod->m_p_dash = other.mp_mod->m_p_dash; - mp_mod->m_r = other.mp_mod->m_r; - mp_mod->m_r_inv = other.mp_mod->m_r_inv; + mp_mod->reset_values(other.mp_mod->get_p_dash(), + other.mp_mod->get_r(), + other.mp_mod->get_r_inv()); + return *this; } } @@ -453,11 +441,11 @@ GFpElement& GFpElement::operator+=(const GFpElement& rhs) workspace = m_value; workspace += rhs.m_value; - if(workspace >= mp_mod->m_p) - workspace -= mp_mod->m_p; + if(workspace >= mp_mod->get_p()) + workspace -= mp_mod->get_p(); m_value = workspace; - assert(m_value < mp_mod->m_p); + assert(m_value < mp_mod->get_p()); assert(m_value >= 0); return *this; @@ -472,10 +460,10 @@ GFpElement& GFpElement::operator-=(const GFpElement& rhs) workspace -= rhs.m_value; if(workspace.is_negative()) - workspace += mp_mod->m_p; + workspace += mp_mod->get_p(); m_value = workspace; - assert(m_value < mp_mod->m_p); + assert(m_value < mp_mod->get_p()); assert(m_value >= 0); return *this; } 
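Review bot: The comment `// exc. safety note: grow first` no longer describes the code beneath it: the grow_reg calls it referred to are removed and reset_values performs three plain BigInt assignments, so a throw from the second or third assignment leaves the shared modulus with a mixed set of p_dash, r and r_inv. Either drop the comment or restore the guarantee inside reset_values (copy into locals, then swap them in); as written the comment is misleading. operator= begins and ends outside the hunk.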
@@ -484,22 +472,22 @@ GFpElement& GFpElement::operator*= (u32bit rhs) { workspace = m_value; workspace *= rhs; - workspace %= mp_mod->m_p; + workspace %= mp_mod->get_p(); m_value = workspace; return *this; } GFpElement& GFpElement::operator*=(const GFpElement& rhs) { - assert(rhs.mp_mod->m_p == mp_mod->m_p); + assert(rhs.mp_mod->get_p() == mp_mod->get_p()); // here, we do not use align_operands_res() for one simple reason: // we want to enforce the transformation to an m-residue, otherwise it would // never happen if(m_use_montgm && rhs.m_use_montgm) { - assert(rhs.mp_mod->m_p == mp_mod->m_p); // is montgm. mult is on, then precomps must be there - assert(rhs.mp_mod->m_p_dash == mp_mod->m_p_dash); - assert(rhs.mp_mod->m_r == mp_mod->m_r); + assert(rhs.mp_mod->get_p() == mp_mod->get_p()); // is montgm. mult is on, then precomps must be there + assert(rhs.mp_mod->get_p_dash() == mp_mod->get_p_dash()); + assert(rhs.mp_mod->get_r() == mp_mod->get_r()); if(!m_is_trf) { trf_to_mres(); @@ -509,7 +497,7 @@ GFpElement& GFpElement::operator*=(const GFpElement& rhs) rhs.trf_to_mres(); } workspace = m_value; - montg_mult(m_value, workspace, rhs.m_value, mp_mod->m_p, mp_mod->m_p_dash, mp_mod->m_r); + montg_mult(m_value, workspace, rhs.m_value, mp_mod->get_p(), mp_mod->get_p_dash(), mp_mod->get_r()); } else // ordinary multiplication { @@ -526,7 +514,7 @@ GFpElement& GFpElement::operator*=(const GFpElement& rhs) workspace = m_value; workspace *= rhs.m_value; - workspace %= mp_mod->m_p; + workspace %= mp_mod->get_p(); m_value = workspace; } return *this; @@ -545,7 +533,7 @@ GFpElement& GFpElement::operator/=(const GFpElement& rhs) rhs_ordres.inverse_in_place(); workspace = m_value; workspace *= rhs_ordres.get_value(); - workspace %= mp_mod->m_p; + workspace %= mp_mod->get_p(); m_value = workspace; } 
@@ -566,23 +554,23 @@ bool GFpElement::is_zero() GFpElement& GFpElement::inverse_in_place() { - m_value = inverse_mod(m_value, mp_mod->m_p); + m_value = inverse_mod(m_value, mp_mod->get_p()); if(m_is_trf) { assert(m_use_montgm); - m_value *= mp_mod->m_r; - m_value *= mp_mod->m_r; - m_value %= mp_mod->m_p; + m_value *= mp_mod->get_r(); + m_value *= mp_mod->get_r(); + m_value %= mp_mod->get_p(); } - assert(m_value <= mp_mod->m_p); + assert(m_value <= mp_mod->get_p()); return *this; } GFpElement& GFpElement::negate() { - m_value = mp_mod->m_p - m_value; - assert(m_value <= mp_mod->m_p); + m_value = mp_mod->get_p() - m_value; + assert(m_value <= mp_mod->get_p()); return *this; } diff --git a/src/math/gfpmath/gfp_element.h b/src/math/gfpmath/gfp_element.h index 7a8644fee..84009ef12 100644 --- a/src/math/gfpmath/gfp_element.h +++ b/src/math/gfpmath/gfp_element.h @@ -223,10 +223,6 @@ class BOTAN_DLL GFpElement */ static bool align_operands_res(const GFpElement& lhs, const GFpElement& rhs); - //friend declarations for non-member functions - - friend class Point_Coords_GFp; - /** * swaps the states of *this and other, does not throw! * @param other The value to swap with diff --git a/src/math/gfpmath/gfp_modulus.h b/src/math/gfpmath/gfp_modulus.h index 03e8a19e0..ace42b27d 100644 --- a/src/math/gfpmath/gfp_modulus.h +++ b/src/math/gfpmath/gfp_modulus.h @@ -22,8 +22,6 @@ class GFpElement; class BOTAN_DLL GFpModulus { public: - friend class GFpElement; - /** * Construct a GF(P)-Modulus from a BigInt */ @@ -109,6 +107,15 @@ class BOTAN_DLL GFpModulus } // default cp-ctor, op= are fine + void reset_values(const BigInt& new_p_dash, + const BigInt& new_r, + const BigInt& new_r_inv) + { + m_p_dash = new_p_dash; + m_r = new_r; + m_r_inv = new_r_inv; + } + private: BigInt m_p; // the modulus itself mutable BigInt m_p_dash; -- cgit v1.2.3 From cdc5e1aa4761da1a353aa71b9b35cb02bdf9800d Mon Sep 17 00:00:00 2001 
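Review bot: In GFpElement::negate, `m_value = mp_mod->get_p() - m_value;` yields p rather than 0 when m_value is zero, and the following `assert(m_value <= mp_mod->get_p())` is written with `<=` so it accepts that unreduced value; unless callers never negate zero, guard the subtraction, `if(!m_value.is_zero()) m_value = mp_mod->get_p() - m_value;`, and tighten the assert to `<`. The same `<=` appears in inverse_in_place just above. Only the accessor changed in this commit, so the issue predates it.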
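Review bot: reset_values is a new public mutator with no documentation, and it appears to be the only remaining way to change a GFpModulus after construction; add a comment above it stating what it sets and its caveats, e.g. `// Replace the Montgomery precomputations; three sequential assignments, so no exception guarantee, and no synchronization if this modulus is shared`. The members it writes are declared `mutable` while the method is non-const, which is harmless but worth a word if the mutable qualifiers are now vestigial.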
From: lloyd <lloyd@randombit.net> Date: Tue, 23 Feb 2010 18:15:44 +0000 Subject: Remove use of tr1 entirely from gfpmath. Remove a handful of tests which were based on testing the sharing aspects, which are gone now; everything is based on value copies. All tests pass on x86-64 with GCC. Valgrind output looks clean too. --- checks/ec_tests.cpp | 43 +-- checks/gfpmath.cpp | 162 +---------- src/math/gfpmath/curve_gfp.cpp | 147 ++-------- src/math/gfpmath/curve_gfp.h | 63 +---- src/math/gfpmath/gfp_element.cpp | 226 ++++------------ src/math/gfpmath/gfp_element.h | 87 +----- src/math/gfpmath/gfp_modulus.h | 35 +-- src/math/gfpmath/info.txt | 2 - src/math/gfpmath/point_gfp.cpp | 571 ++++++++++++--------------------------- src/math/gfpmath/point_gfp.h | 78 ++---- 10 files changed, 309 insertions(+), 1105 deletions(-) (limited to 'src/math') diff --git a/checks/ec_tests.cpp b/checks/ec_tests.cpp index 8727a4624..871425d20 100644 --- a/checks/ec_tests.cpp +++ b/checks/ec_tests.cpp 
@@ -85,16 +85,16 @@ void test_point_turn_on_sp_red_mul() CHECK_MESSAGE(r1 == r2, "error with point mul after extra turn on sp red mul"); CHECK(r1.get_affine_x().get_value() != BigInt("0")); - std::tr1::shared_ptr<PointGFp> p_r1(new PointGFp(r1)); - std::tr1::shared_ptr<PointGFp> p_r2(new PointGFp(r2)); - - p_r1->mult2_in_place(); // wird für Fehler nicht gebraucht - p_r2->turn_on_sp_red_mul(); // 1. t_o() macht nur p_r2 kaputt - p_r2->turn_on_sp_red_mul(); // 2. t_o() macht auch p_r1 kaputt!!! - p_r2->mult2_in_place(); // wird für Fehler nicht gebraucht - CHECK_MESSAGE(p_r1->get_affine_x() == p_r2->get_affine_x(), "error with mult2 after extra turn on sp red mul"); - CHECK(p_r1->get_affine_x().get_value() != BigInt("0")); - CHECK(p_r2->get_affine_x().get_value() != BigInt("0")); + PointGFp p_r1 = r1; + PointGFp p_r2 = r2; + + p_r1.mult2_in_place(); // wird für Fehler nicht gebraucht + p_r2.turn_on_sp_red_mul(); // 1. t_o() macht nur p_r2 kaputt + p_r2.turn_on_sp_red_mul(); // 2. t_o() macht auch p_r1 kaputt!!! + p_r2.mult2_in_place(); // wird für Fehler nicht gebraucht + CHECK_MESSAGE(p_r1.get_affine_x() == p_r2.get_affine_x(), "error with mult2 after extra turn on sp red mul"); + CHECK(p_r1.get_affine_x().get_value() != BigInt("0")); + CHECK(p_r2.get_affine_x().get_value() != BigInt("0")); r1.mult2_in_place(); r2.turn_on_sp_red_mul(); 
@@ -1072,28 +1072,6 @@ void test_mult_sec_mass(RandomNumberGenerator& rng) } } -/** -* The following test verifies that PointGFps copy-ctor and assignment operator -* produce non-sharing Objects -*/ -void test_point_ctors_ass_unshared() - { - std::cout << "." << std::flush; - - EC_Domain_Params dom_pars(get_EC_Dom_Pars_by_oid("1.3.132.0.8")); - PointGFp p = dom_pars.get_base_point(); - PointGFp ind_cpy(p); - - // doesn´t work this way, because getters of point return an independent copy! - CHECK(p.get_jac_proj_x().get_ptr_mod().get() != ind_cpy.get_jac_proj_x().get_ptr_mod().get()); - //CHECK(p.get_x().get_ptr_r().get() != ind_cpy.get_x().get_ptr_r().get()); - - PointGFp ind_ass(p); - ind_ass = p; - CHECK(p.get_jac_proj_x().get_ptr_mod().get() != ind_ass.get_jac_proj_x().get_ptr_mod().get()); - //CHECK(p.get_x().get_ptr_r().get() != ind_ass.get_x().get_ptr_r().get()); - } - void test_curve_cp_ctor() { std::cout << "." << std::flush; @@ -1216,7 +1194,6 @@ void do_ec_tests(RandomNumberGenerator& rng) test_point_swap(rng); test_mult_sec(); test_mult_sec_mass(rng); - test_point_ctors_ass_unshared(); test_curve_cp_ctor(); test_ec_key_cp_and_assignment(rng); test_ec_key_cast(rng); diff --git a/checks/gfpmath.cpp b/checks/gfpmath.cpp index 2352bba7e..50e1818c7 100644 --- a/checks/gfpmath.cpp +++ b/checks/gfpmath.cpp 
@@ -471,181 +471,23 @@ bool test_gfp_mult_u32bit() return pass; } -/** -* This tests verifies the functionality of sharing pointers for modulus dependent values -*/ -bool test_gfp_shared_vals() - { - std::cout << '.' << std::flush; - - bool pass = true; - - BigInt p("5334243285367"); - GFpElement a(p, BigInt("234090")); - GFpElement shcpy_a(1,0); - shcpy_a.share_assign(a); - std::tr1::shared_ptr<GFpModulus> ptr1 = a.get_ptr_mod(); - std::tr1::shared_ptr<GFpModulus> ptr2 = shcpy_a.get_ptr_mod(); - CHECK_MESSAGE(ptr1.get() == ptr2.get(), "shared pointers for moduli aren´t equal"); - - GFpElement b(1,0); - b = a; // create a non shared copy - std::tr1::shared_ptr<GFpModulus> ptr_b_p = b.get_ptr_mod(); - CHECK_MESSAGE(ptr1.get() != ptr_b_p.get(), "non shared pointers for moduli are equal"); - - a.turn_on_sp_red_mul(); - GFpElement c1 = a * shcpy_a; - GFpElement c2 = a * a; - GFpElement c3 = shcpy_a * shcpy_a; - GFpElement c4 = shcpy_a * a; - shcpy_a.turn_on_sp_red_mul(); - GFpElement c5 = shcpy_a * shcpy_a; - - if(c1 != c2 || c2 != c3 || c3 != c4 || c4 != c5) - { - std::cout << "test_gfp_shared_vals failed" - << " a=" << a - << " shcpy_a=" << shcpy_a - << " c1=" << c1 << " c2=" << c2 - << " c3=" << c3 << " c4=" << c4 - << " c5=" << c5 << "\n"; - pass = false; - } - - swap(a,shcpy_a); - std::tr1::shared_ptr<GFpModulus> ptr3 = a.get_ptr_mod(); - std::tr1::shared_ptr<GFpModulus> ptr4 = shcpy_a.get_ptr_mod(); - CHECK_MESSAGE(ptr3.get() == ptr4.get(), "shared pointers for moduli aren´t equal after swap"); - CHECK(ptr1.get() == ptr4.get()); - CHECK(ptr2.get() == ptr3.get()); - - swap(a,b); - std::tr1::shared_ptr<GFpModulus> ptr_a = a.get_ptr_mod(); - std::tr1::shared_ptr<GFpModulus> ptr_b = shcpy_a.get_ptr_mod(); - CHECK(ptr_a.get() == ptr_b_p.get()); - CHECK(ptr_b.get() == ptr3.get()); - return pass; - } - -/** -* The following test checks the behaviour of GFpElements assignment operator, which -* has quite complex behaviour with respect to sharing groups and precomputed 
values -* (with respect to montgomery mult.) -*/ -bool test_gfpel_ass_op() - { - std::cout << '.' << std::flush; - - bool pass = true; - - - // test different moduli - GFpElement a(23,4); - GFpElement b(11,6); - - GFpElement b2(11,6); - - a = b; - CHECK(a==b2); - CHECK(a.get_value() == b2.get_value()); - CHECK(a.get_p() == b2.get_p()); - CHECK(a.get_ptr_mod().get() != b.get_ptr_mod().get()); // sharing groups - // may not be fused! - - // also test some share_assign()... - a.share_assign(b); - CHECK(a==b2); - CHECK(a.get_value() == b2.get_value()); - CHECK(a.get_p() == b2.get_p()); - CHECK(a.get_ptr_mod().get() == b.get_ptr_mod().get()); // sharing groups - // shall be fused! - //--------------------------- - - // test assignment within sharing group - // with montg.mult. - GFpElement c(5,2); - GFpElement d(5,2); - d.share_assign(c); - CHECK(d.get_ptr_mod().get() == c.get_ptr_mod().get()); - CHECK(d.get_ptr_mod()->get_p() == c.get_ptr_mod()->get_p()); - CHECK(c.get_ptr_mod()->get_r().is_zero()); - c.turn_on_sp_red_mul(); - CHECK(d.get_ptr_mod().get() == c.get_ptr_mod().get()); - CHECK(d.get_ptr_mod()->get_p() == c.get_ptr_mod()->get_p()); - CHECK(!c.get_ptr_mod()->get_p().is_zero()); - GFpElement f(11,5); - d = f; - CHECK(f.get_ptr_mod().get() != c.get_ptr_mod().get()); - - GFpElement e = c*c; - GFpElement g = d*d; - GFpElement h = f*f; - CHECK(h == g); - - GFpElement c2(5,2); - GFpElement d2(5,2); - d2.share_assign(c2); - GFpElement f2(11,5); - d2 = f2; - c2.turn_on_sp_red_mul(); - CHECK(d2.get_ptr_mod().get() != c2.get_ptr_mod().get()); // the sharing group was left - CHECK(d2.get_ptr_mod()->get_r() == f2.get_ptr_mod()->get_r()); - CHECK(c2.get_p() == 5); // c2´s shared values weren´t modified because - // the sharing group with d2 was separated by - // the assignment "d2 = f2" - - d2.turn_on_sp_red_mul(); - CHECK(d2.get_ptr_mod()->get_p() != c2.get_ptr_mod()->get_p()); - GFpElement e2 = c2*c2; - GFpElement g2 = d2*d2; - GFpElement h2 = f2*f2; - CHECK(h2 == g2); 
- - GFpElement c3(5,2); - GFpElement d3(5,2); - d3.share_assign(c3); - GFpElement f3(11,2); - d3 = f3; - GFpElement e3 = c3*c3; - GFpElement g3 = d3*d3; - - CHECK(e == e2); - CHECK(g == g2); - - CHECK(e == e3); - CHECK(g == g2); - return pass; - } - bool test_gfp_swap() { std::cout << '.' << std::flush; bool pass = true; - BigInt p("173"); GFpElement a(p, BigInt("2342")); GFpElement b(p, BigInt("423420")); - GFpModulus* a_mod = a.get_ptr_mod().get(); - GFpModulus* b_mod = b.get_ptr_mod().get(); - - //GFpModulus* a_d = a.get_ptr_mod()->get_p_dash(); - //GFpModulus* b_d = b.get_ptr_mod()->get_p_dash(); - swap(a,b); CHECK_MESSAGE(b.get_value() == 2342%173, "actual value of b was: " << b.get_value() ); CHECK_MESSAGE(a.get_value() == 423420%173, "actual value of a was: " << a.get_value() ); - CHECK(a_mod == b.get_ptr_mod().get()); - CHECK(b_mod == a.get_ptr_mod().get()); - //CHECK(a_d == b.get_ptr_mod()->get_p_dash()); - //CHECK(b_d == a.get_ptr_p_dash()->get_p_dash()); - GFpElement c(p, BigInt("2342329")); GFpElement d(1,1); - d.share_assign(c); + d = c; d += d; c.swap(d); CHECK(d.get_value() == 2342329%173); @@ -792,8 +634,6 @@ u32bit do_gfpmath_tests(Botan::RandomNumberGenerator& rng) failed += !test_gfp_sub(); failed += !test_more_gfp_div(); failed += !test_gfp_mult_u32bit(); - failed += !test_gfp_shared_vals(); - failed += !test_gfpel_ass_op(); failed += !test_gfp_swap(); failed += !test_inv_in_place(); failed += !test_op_eq(); diff --git a/src/math/gfpmath/curve_gfp.cpp b/src/math/gfpmath/curve_gfp.cpp index 9a3ffd482..cf687b6ab 100644 --- a/src/math/gfpmath/curve_gfp.cpp +++ b/src/math/gfpmath/curve_gfp.cpp @@ -2,7 +2,7 @@ * Elliptic curves over GF(p) * * (C) 2007 Martin Doering, Christoph Ludwig, Falko Strenzke -* 2008 Jack Lloyd +* 2008-2010 Jack Lloyd * * Distributed under the terms of the Botan license */ 
@@ -14,147 +14,40 @@ namespace Botan { -void CurveGFp::set_shrd_mod(const std::tr1::shared_ptr<GFpModulus> mod) - { - mp_mod = mod; - mA.turn_off_sp_red_mul();// m.m. is not needed, must be trf. back - mB.turn_off_sp_red_mul();// m.m. is not needed, must be trf. back - //ok, above we destroy any evantually computated montg. mult. values, - // but that won't influence performance in usual applications - mA.set_shrd_mod(mod); - mB.set_shrd_mod(mod); - } - CurveGFp::CurveGFp(const GFpElement& a, const GFpElement& b, - const BigInt& p) - : mA(a), - mB(b) + const BigInt& p) : + modulus(p), mA(a), mB(b), + mres_a(mA), mres_b(mB), mres_one(p, 1) { - if(!((p == mA.get_p()) && (p == mB.get_p()))) - { + if(p != mA.get_p() || p != mB.get_p()) throw Invalid_Argument("could not construct curve: moduli of arguments differ"); - } - std::tr1::shared_ptr<GFpModulus> p_mod = std::tr1::shared_ptr<GFpModulus>(new GFpModulus(p)); - // the above is the creation of the GFpModuls object which will be shared point-wide - // (in the context of a point of course) - set_shrd_mod(p_mod); - } -// copy constructor -CurveGFp::CurveGFp(const CurveGFp& other) - : mA(other.get_a()), - mB(other.get_b()) - { - mp_mod = std::tr1::shared_ptr<GFpModulus>(new GFpModulus(*other.mp_mod)); - assert(mp_mod->p_equal_to(mA.get_p())); - assert(mp_mod->p_equal_to(mB.get_p())); - set_shrd_mod(mp_mod); - if(other.mp_mres_a.get()) - { - mp_mres_a = std::tr1::shared_ptr<GFpElement>(new GFpElement(*other.mp_mres_a)); - } - if(other.mp_mres_b.get()) - { - mp_mres_b = std::tr1::shared_ptr<GFpElement>(new GFpElement(*other.mp_mres_b)); - } - if(other.mp_mres_one.get()) - { - mp_mres_one = std::tr1::shared_ptr<GFpElement>(new GFpElement(*other.mp_mres_one)); - } - - } -// assignment operator -const CurveGFp& CurveGFp::operator=(const CurveGFp& other) - { - // for exception safety... 
- GFpElement a_tmp = other.mA; - GFpElement b_tmp = other.mB; - mA.swap(a_tmp); - mB.swap(b_tmp); - - std::tr1::shared_ptr<GFpModulus> p_mod = std::tr1::shared_ptr<GFpModulus>(new GFpModulus(*other.mp_mod)); - set_shrd_mod(p_mod); - - // exception safety note: no problem if we have a throw from here on... - if(other.mp_mres_a.get()) - { - mp_mres_a = std::tr1::shared_ptr<GFpElement>(new GFpElement(*other.mp_mres_a)); - } - if(other.mp_mres_b.get()) - { - mp_mres_b = std::tr1::shared_ptr<GFpElement>(new GFpElement(*other.mp_mres_b)); - } - if(other.mp_mres_one.get()) - { - mp_mres_one = std::tr1::shared_ptr<GFpElement>(new GFpElement(*other.mp_mres_one)); - } - return *this; - } - -// getters -const GFpElement& CurveGFp::get_a() const - { - return mA; - } + mres_a.turn_on_sp_red_mul(); + mres_a.get_mres(); -const GFpElement& CurveGFp::get_b() const - { - return mB; - } + mres_b.turn_on_sp_red_mul(); + mres_b.get_mres(); -const BigInt CurveGFp::get_p() const - { - assert(mp_mod.get() != 0); - return mp_mod->get_p(); + mres_one.turn_on_sp_red_mul(); + mres_one.get_mres(); } // swaps the states of *this and other, does not throw void CurveGFp::swap(CurveGFp& other) { - mA.swap(other.mA); - mB.swap(other.mB); - mp_mod.swap(other.mp_mod); - std::swap(mp_mres_a, other.mp_mres_a); - std::swap(mp_mres_b, other.mp_mres_b); - std::swap(mp_mres_one, other.mp_mres_one); - } - -GFpElement const CurveGFp::get_mres_a() const - { - if(mp_mres_a.get() == 0) - { - mp_mres_a = std::tr1::shared_ptr<GFpElement>(new GFpElement(mA)); - mp_mres_a->turn_on_sp_red_mul(); - mp_mres_a->get_mres(); - } - return GFpElement(*mp_mres_a); - } - -GFpElement const CurveGFp::get_mres_b() const - { - if(mp_mres_b.get() == 0) - { - mp_mres_b = std::tr1::shared_ptr<GFpElement>(new GFpElement(mB)); - mp_mres_b->turn_on_sp_red_mul(); - mp_mres_b->get_mres(); - } - return GFpElement(*mp_mres_b); - } - -std::tr1::shared_ptr<GFpElement const> const CurveGFp::get_mres_one() const - { - if(mp_mres_one.get() == 
0) - { - mp_mres_one = std::tr1::shared_ptr<GFpElement>(new GFpElement(mp_mod->get_p(), 1)); - mp_mres_one->turn_on_sp_red_mul(); - mp_mres_one->get_mres(); - } - return mp_mres_one; + std::swap(mA, other.mA); + std::swap(mB, other.mB); + std::swap(modulus, other.modulus); + std::swap(mres_a, other.mres_a); + std::swap(mres_b, other.mres_b); + std::swap(mres_one, other.mres_one); } bool operator==(const CurveGFp& lhs, const CurveGFp& rhs) { - return (lhs.get_p() == rhs.get_p() && lhs.get_a() == rhs.get_a() && lhs.get_b() == rhs.get_b()); + return (lhs.get_p() == rhs.get_p() && + lhs.get_a() == rhs.get_a() && + lhs.get_b() == rhs.get_b()); } std::ostream& operator<<(std::ostream& output, const CurveGFp& elem) diff --git a/src/math/gfpmath/curve_gfp.h b/src/math/gfpmath/curve_gfp.h index 53bbc1f3c..5641e80d1 100644 --- a/src/math/gfpmath/curve_gfp.h +++ b/src/math/gfpmath/curve_gfp.h @@ -2,6 +2,7 @@ * Elliptic curves over GF(p) * * (C) 2007 Martin Doering, Christoph Ludwig, Falko Strenzke +* 2010 Jack Lloyd * * Distributed under the terms of the Botan license */ @@ -9,7 +10,6 @@ #ifndef BOTAN_GFP_CURVE_H__ #define BOTAN_GFP_CURVE_H__ -#include <botan/bigint.h> #include <botan/gfp_element.h> #include <iosfwd> 
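Review bot: CurveGFp::swap, rewritten at the end of this hunk, no longer matches the `does not throw` comment kept above it: `std::swap(mA, other.mA)` and the five swaps after it expand to a copy-construction plus two copy-assignments of GFpElement/GFpModulus, each copying BigInts that may allocate, unless the project provides a BigInt overload that std::swap picks up, which I cannot see from here. The member swaps the old code used keep the guarantee: `mA.swap(other.mA); mB.swap(other.mB); modulus.swap(other.modulus);` and the same for mres_a, mres_b and mres_one. The same replacement appears in GFpElement::swap (hunk @@ -554 of gfp_element.cpp) and GFpModulus::swap (hunk @@ -46 of gfp_modulus.h), where `m_value.swap(other.m_value)` and `m_p.swap(other.m_p)` were the previous non-throwing form.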
@@ -31,28 +31,8 @@ class BOTAN_DLL CurveGFp CurveGFp(const GFpElement& a, const GFpElement& b, const BigInt& p); - /** - * Copy constructor - * @param other The curve to clone - */ - CurveGFp(const CurveGFp& other); - - /** - * Assignment operator - * @param other The curve to use as source for the assignment - */ - const CurveGFp& operator=(const CurveGFp& other); - - /** - * Set the shared GFpModulus object. - * Warning: do not use this function unless you know in detail how - * the sharing of values - * in the various EC related objects works. - * Do NOT spread pointers to a GFpModulus over different threads! - * @param mod a shared pointer to a GFpModulus object suitable for - * *this. - */ - void set_shrd_mod(const std::tr1::shared_ptr<GFpModulus> mod); + // CurveGFp(const CurveGFp& other) = default; + // CurveGFp& operator=(const CurveGFp& other) = default; // getters @@ -60,13 +40,13 @@ class BOTAN_DLL CurveGFp * Get coefficient a * @result coefficient a */ - const GFpElement& get_a() const; + const GFpElement& get_a() const { return mA; } /** * Get coefficient b * @result coefficient b */ - const GFpElement& get_b() const; + const GFpElement& get_b() const { return mB; } /** * Get the GFpElement coefficient a transformed @@ -75,7 +55,7 @@ class BOTAN_DLL CurveGFp * function. * @result the coefficient a, transformed to its m-residue */ - GFpElement const get_mres_a() const; + const GFpElement& get_mres_a() const { return mres_a; } /** * Get the GFpElement coefficient b transformed @@ -84,8 +64,7 @@ class BOTAN_DLL CurveGFp * function. * @result the coefficient b, transformed to its m-residue */ - GFpElement const get_mres_b() const; - + const GFpElement& get_mres_b() const { return mres_b; } /** * Get the GFpElement 1 transformed 
@@ -94,31 +73,13 @@ class BOTAN_DLL CurveGFp * function. * @result the GFpElement 1, transformed to its m-residue */ - std::tr1::shared_ptr<GFpElement const> const get_mres_one() const; + const GFpElement& get_mres_one() { return mres_one; } /** * Get prime modulus of the field of the curve * @result prime modulus of the field of the curve */ - BigInt const get_p() const; - /*inline std::tr1::shared_ptr<BigInt> const get_ptr_p() const - { - return mp_p; - }*/ - - /** - * Retrieve a shared pointer to the curves GFpModulus object for - * efficient storage and computation of montgomery multiplication - * related data members and functions. Warning: do not use this - * function unless you know in detail how the sharing of values - * in the various EC related objects works. Do NOT spread - * pointers to a GFpModulus over different threads! - * @result a shared pointer to a GFpModulus object - */ - inline std::tr1::shared_ptr<GFpModulus> const get_ptr_mod() const - { - return mp_mod; - } + const BigInt& get_p() const { return modulus.get_p(); } /** * swaps the states of *this and other, does not throw @@ -127,12 +88,10 @@ class BOTAN_DLL CurveGFp void swap(CurveGFp& other); private: - std::tr1::shared_ptr<GFpModulus> mp_mod; + GFpModulus modulus; GFpElement mA; GFpElement mB; - mutable std::tr1::shared_ptr<GFpElement> mp_mres_a; - mutable std::tr1::shared_ptr<GFpElement> mp_mres_b; - mutable std::tr1::shared_ptr<GFpElement> mp_mres_one; + GFpElement mres_a, mres_b, mres_one; }; // relational operators diff --git a/src/math/gfpmath/gfp_element.cpp b/src/math/gfpmath/gfp_element.cpp index c76a4d020..7e660213e 100644 --- a/src/math/gfpmath/gfp_element.cpp +++ b/src/math/gfpmath/gfp_element.cpp 
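Review bot: `get_mres_one()` is the only accessor in this hunk declared without `const` — `const GFpElement& get_mres_one() { return mres_one; }` — so it cannot be called through a const CurveGFp, while get_mres_a, get_mres_b and get_p beside it are const member functions. `const GFpElement& get_mres_one() const { return mres_one; }` makes the three residue getters uniform, and nothing in the body needs the non-const overload.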
@@ -166,39 +166,12 @@ BigInt montg_trf_to_ordres(const BigInt& m_res, const BigInt& m, const BigInt& r } GFpElement::GFpElement(const BigInt& p, const BigInt& value, bool use_montgm) - : mp_mod(), - m_value(value %p), - m_use_montgm(use_montgm), - m_is_trf(false) - { - assert(mp_mod.get() == 0); - mp_mod = std::tr1::shared_ptr<GFpModulus>(new GFpModulus(p)); - assert(mp_mod->get_p_dash() == 0); + : modulus(p), m_value(value %p), m_use_montgm(use_montgm), m_is_trf(false) + { if(m_use_montgm) ensure_montgm_precomp(); } -GFpElement::GFpElement(std::tr1::shared_ptr<GFpModulus> const mod, const BigInt& value, bool use_montgm) - : mp_mod(), - m_value(value % mod->get_p()), - m_use_montgm(use_montgm), - m_is_trf(false) - { - assert(mp_mod.get() == 0); - mp_mod = mod; - } - -GFpElement::GFpElement(const GFpElement& other) - : m_value(other.m_value), - m_use_montgm(other.m_use_montgm), - m_is_trf(other.m_is_trf) - - { - //creates an independent copy - assert((other.m_is_trf && other.m_use_montgm) || !other.m_is_trf); - mp_mod.reset(new GFpModulus(*other.mp_mod)); // copy-ctor of GFpModulus - } - void GFpElement::turn_on_sp_red_mul() const { ensure_montgm_precomp(); 
@@ -218,28 +191,23 @@ void GFpElement::turn_off_sp_red_mul() const void GFpElement::ensure_montgm_precomp() const { - if((!mp_mod->get_r().is_zero()) && (!mp_mod->get_r_inv().is_zero()) && (!mp_mod->get_p_dash().is_zero())) + if((!modulus.get_r().is_zero()) && (!modulus.get_r_inv().is_zero()) && (!modulus.get_p_dash().is_zero())) { // values are already set, nothing more to do } else { - BigInt tmp_r(montgm_calc_r_oddmod(mp_mod->get_p())); + BigInt tmp_r(montgm_calc_r_oddmod(modulus.get_p())); - BigInt tmp_r_inv(inverse_mod(tmp_r, mp_mod->get_p())); + BigInt tmp_r_inv(inverse_mod(tmp_r, modulus.get_p())); - BigInt tmp_p_dash(montgm_calc_m_dash(tmp_r, mp_mod->get_p(), tmp_r_inv)); + BigInt tmp_p_dash(montgm_calc_m_dash(tmp_r, modulus.get_p(), tmp_r_inv)); - mp_mod->reset_values(tmp_p_dash, tmp_r, tmp_r_inv); + modulus.reset_values(tmp_p_dash, tmp_r, tmp_r_inv); } } -void GFpElement::set_shrd_mod(std::tr1::shared_ptr<GFpModulus> const p_mod) - { - mp_mod = p_mod; - } - void GFpElement::trf_to_mres() const { if(!m_use_montgm) 
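Review bot: `modulus.reset_values(tmp_p_dash, tmp_r, tmp_r_inv)` now writes into a modulus owned by this one element, so every fresh element on which Montgomery arithmetic is turned on runs its own `inverse_mod(tmp_r, modulus.get_p())`, where the removed shared GFpModulus amortised that inverse over a whole sharing group. Copies of an element carry the computed values with them, so the cost is per fresh element; the CurveGFp constructor in this same commit already pays it three times for one p (mres_a, mres_b, mres_one). Whether that is measurable on the point-arithmetic path I cannot tell from here, but it deserves a before/after timing. If it matters, computing the precomputation once per curve and constructing elements from a GFpModulus that already carries it (a constructor taking `const GFpModulus&`) keeps the by-value design while removing the repeated inversions.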
@@ -247,27 +215,27 @@ void GFpElement::trf_to_mres() const throw Illegal_Transformation("GFpElement is not allowed to be transformed to m-residue"); } assert(m_is_trf == false); - assert(!mp_mod->get_r_inv().is_zero()); - assert(!mp_mod->get_p_dash().is_zero()); - m_value = montg_trf_to_mres(m_value, mp_mod->get_r(), mp_mod->get_p()); + assert(!modulus.get_r_inv().is_zero()); + assert(!modulus.get_p_dash().is_zero()); + m_value = montg_trf_to_mres(m_value, modulus.get_r(), modulus.get_p()); m_is_trf = true; } void GFpElement::trf_to_ordres() const { assert(m_is_trf == true); - m_value = montg_trf_to_ordres(m_value, mp_mod->get_p(), mp_mod->get_r_inv()); + m_value = montg_trf_to_ordres(m_value, modulus.get_p(), modulus.get_r_inv()); m_is_trf = false; } bool GFpElement::align_operands_res(const GFpElement& lhs, const GFpElement& rhs) //static { - assert(lhs.mp_mod->get_p() == rhs.mp_mod->get_p()); + assert(lhs.modulus.get_p() == rhs.modulus.get_p()); if(lhs.m_use_montgm && rhs.m_use_montgm) { - assert(rhs.mp_mod->get_p_dash() == lhs.mp_mod->get_p_dash()); - assert(rhs.mp_mod->get_r() == lhs.mp_mod->get_r()); - assert(rhs.mp_mod->get_r_inv() == lhs.mp_mod->get_r_inv()); + assert(rhs.modulus.get_p_dash() == lhs.modulus.get_p_dash()); + assert(rhs.modulus.get_r() == lhs.modulus.get_r()); + assert(rhs.modulus.get_r_inv() == lhs.modulus.get_r_inv()); if(!lhs.m_is_trf && !rhs.m_is_trf) { return false; @@ -317,7 +285,7 @@ bool GFpElement::is_trf_to_mres() const const BigInt& GFpElement::get_p() const { - return (mp_mod->get_p()); + return (modulus.get_p()); } const BigInt& GFpElement::get_value() const 
@@ -347,105 +315,17 @@ const BigInt& GFpElement::get_mres() const return m_value; } -const GFpElement& GFpElement::operator=(const GFpElement& other) - { - m_value.grow_reg(other.m_value.size()); // grow first for exception safety - - //m_value = other.m_value; - - // m_use_montgm = other.m_use_montgm; - // m_is_trf = other.m_is_trf; - // we want to keep the member pointers, which might be part of a "sharing group" - // but we may not simply overwrite the BigInt values with those of the argument!! - // if ours already contains precomputations, it would be hazardous to - // set them back to zero. - // thus we first check for equality of the moduli, - // then whether either of the two objects already contains - // precomputed values. - - // we also deal with the case were the pointers themsevles are equal: - if(mp_mod.get() == other.mp_mod.get()) - { - // everything ok, we are in the same sharing group anyway, nothing to do - m_value = other.m_value; // cannot throw - m_use_montgm = other.m_use_montgm; - m_is_trf = other.m_is_trf; - return *this; - } - if(mp_mod->get_p() != other.mp_mod->get_p()) - { - // the moduli are different, this is a special case - // which will not occur in usual applications, - // so we don´t hesitate to simply create new objects - // (we do want to create an independent copy) - mp_mod.reset(new GFpModulus(*other.mp_mod)); // this could throw, - // and because of this - // we haven't modified - // anything so far - m_value = other.m_value; // can't throw - m_use_montgm = other.m_use_montgm; - m_is_trf = other.m_is_trf; - return *this; - } - // exception safety note: from now on we are on the safe - // side with respect to the modulus, - // so we can assign the value now: - m_value = other.m_value; - m_use_montgm = other.m_use_montgm; - m_is_trf = other.m_is_trf; - // the moduli are equal, but we deal with different sharing groups. 
- // we will NOT fuse the sharing goups - // and we will NOT reset already precomputed values - if(mp_mod->has_precomputations()) - { - // our own sharing group already has precomputed values, - // so nothing to do. - return *this; - } - else - { - // let´s see whether the argument has something for us... - if(other.mp_mod->has_precomputations()) - { - // fetch them for our sharing group - // exc. safety note: grow first - - mp_mod->reset_values(other.mp_mod->get_p_dash(), - other.mp_mod->get_r(), - other.mp_mod->get_r_inv()); - - return *this; - } - } - // our precomputations aren´t set, the arguments neither, - // so we let them alone - return *this; - } - -void GFpElement::share_assign(const GFpElement& other) - { - assert((other.m_is_trf && other.m_use_montgm) || !other.m_is_trf); - - // use grow_to to make it exc safe - m_value.grow_reg(other.m_value.size()); - m_value = other.m_value; - - m_use_montgm = other.m_use_montgm; - m_is_trf = other.m_is_trf; - mp_mod = other.mp_mod; // cannot throw - } - GFpElement& GFpElement::operator+=(const GFpElement& rhs) { GFpElement::align_operands_res(*this, rhs); - workspace = m_value; + BigInt workspace = m_value; workspace += rhs.m_value; - if(workspace >= mp_mod->get_p()) - workspace -= mp_mod->get_p(); + if(workspace >= modulus.get_p()) + workspace -= modulus.get_p(); m_value = workspace; - assert(m_value < mp_mod->get_p()); + assert(m_value < modulus.get_p()); assert(m_value >= 0); return *this; 
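Review bot: with GFpElement::operator= removed, the implicitly generated assignment copies `modulus` (declared before `m_value` in gfp_element.h) and then `m_value`; if the m_value copy throws on allocation the element keeps the new modulus with the old value, the mixed state the removed code's grow-first ordering was written to avoid. If any caller relies on that guarantee, copy-and-swap gives it back in two lines, `GFpElement tmp(other); swap(tmp);`, provided swap keeps its no-throw property. The local `BigInt workspace = m_value;` in operator+= (and in the sibling operators of the next hunk) replaces a reused member, so each operation now allocates a temporary; fine for clarity, but worth knowing when profiling.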
@@ -455,39 +335,39 @@ GFpElement& GFpElement::operator-=(const GFpElement& rhs) { GFpElement::align_operands_res(*this, rhs); - workspace = m_value; + BigInt workspace = m_value; workspace -= rhs.m_value; if(workspace.is_negative()) - workspace += mp_mod->get_p(); + workspace += modulus.get_p(); m_value = workspace; - assert(m_value < mp_mod->get_p()); + assert(m_value < modulus.get_p()); assert(m_value >= 0); return *this; } GFpElement& GFpElement::operator*= (u32bit rhs) { - workspace = m_value; + BigInt workspace = m_value; workspace *= rhs; - workspace %= mp_mod->get_p(); + workspace %= modulus.get_p(); m_value = workspace; return *this; } GFpElement& GFpElement::operator*=(const GFpElement& rhs) { - assert(rhs.mp_mod->get_p() == mp_mod->get_p()); + assert(rhs.modulus.get_p() == modulus.get_p()); // here, we do not use align_operands_res() for one simple reason: // we want to enforce the transformation to an m-residue, otherwise it would // never happen if(m_use_montgm && rhs.m_use_montgm) { - assert(rhs.mp_mod->get_p() == mp_mod->get_p()); // is montgm. mult is on, then precomps must be there - assert(rhs.mp_mod->get_p_dash() == mp_mod->get_p_dash()); - assert(rhs.mp_mod->get_r() == mp_mod->get_r()); + assert(rhs.modulus.get_p() == modulus.get_p()); // is montgm. mult is on, then precomps must be there + assert(rhs.modulus.get_p_dash() == modulus.get_p_dash()); + assert(rhs.modulus.get_r() == modulus.get_r()); if(!m_is_trf) { trf_to_mres(); @@ -496,8 +376,8 @@ GFpElement& GFpElement::operator*=(const GFpElement& rhs) { rhs.trf_to_mres(); } - workspace = m_value; - montg_mult(m_value, workspace, rhs.m_value, mp_mod->get_p(), mp_mod->get_p_dash(), mp_mod->get_r()); + BigInt workspace = m_value; + montg_mult(m_value, workspace, rhs.m_value, modulus.get_p(), modulus.get_p_dash(), modulus.get_r()); } else // ordinary multiplication { 
@@ -512,9 +392,9 @@ GFpElement& GFpElement::operator*=(const GFpElement& rhs) rhs.trf_to_ordres(); } - workspace = m_value; + BigInt workspace = m_value; workspace *= rhs.m_value; - workspace %= mp_mod->get_p(); + workspace %= modulus.get_p(); m_value = workspace; } return *this; @@ -524,18 +404,17 @@ GFpElement& GFpElement::operator/=(const GFpElement& rhs) { bool use_mres = GFpElement::align_operands_res(*this, rhs); assert((this->m_is_trf && rhs.m_is_trf) || !(this->m_is_trf && rhs.m_is_trf)); - // (internal note: see C86) + if(use_mres) { assert(m_use_montgm && rhs.m_use_montgm); GFpElement rhs_ordres(rhs); rhs_ordres.trf_to_ordres(); rhs_ordres.inverse_in_place(); - workspace = m_value; - workspace *= rhs_ordres.get_value(); - workspace %= mp_mod->get_p(); + BigInt workspace = m_value; + workspace *= rhs_ordres.get_value(); + workspace %= modulus.get_p(); m_value = workspace; - } else { @@ -554,30 +433,31 @@ bool GFpElement::is_zero() GFpElement& GFpElement::inverse_in_place() { - m_value = inverse_mod(m_value, mp_mod->get_p()); + m_value = inverse_mod(m_value, modulus.get_p()); + if(m_is_trf) { assert(m_use_montgm); - m_value *= mp_mod->get_r(); - m_value *= mp_mod->get_r(); - m_value %= mp_mod->get_p(); + m_value *= modulus.get_r(); + m_value *= modulus.get_r(); + m_value %= modulus.get_p(); } - assert(m_value <= mp_mod->get_p()); + assert(m_value <= modulus.get_p()); return *this; } GFpElement& GFpElement::negate() { - m_value = mp_mod->get_p() - m_value; - assert(m_value <= mp_mod->get_p()); + m_value = modulus.get_p() - m_value; + assert(m_value <= modulus.get_p()); return *this; } void GFpElement::swap(GFpElement& other) { - m_value.swap(other.m_value); - mp_mod.swap(other.mp_mod); + std::swap(m_value, other.m_value); + std::swap(modulus, other.modulus); std::swap<bool>(m_use_montgm,other.m_use_montgm); std::swap<bool>(m_is_trf,other.m_is_trf); } 
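Review bot: `negate()` near the end of this hunk maps a zero element to p rather than to 0: `m_value = modulus.get_p() - m_value;` with m_value == 0 yields p, and the assertion that follows, `assert(m_value <= modulus.get_p());`, accepts that out-of-range value, so a later comparison against a genuine zero compares p with 0. Guard the zero case and tighten the assertion: `if(!m_value.is_zero()) m_value = modulus.get_p() - m_value;` followed by `assert(m_value < modulus.get_p());`. The same `<=` assertion closes inverse_in_place() just above; whether inverse_mod can return p I cannot tell from here, but `<` is the invariant operator+= and operator-= assert elsewhere in this file.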
@@ -589,15 +469,9 @@ std::ostream& operator<<(std::ostream& output, const GFpElement& elem) bool operator==(const GFpElement& lhs, const GFpElement& rhs) { - // for effeciency reasons we firstly check whether - //the modulus pointers are different in the first place: - if(lhs.get_ptr_mod() != rhs.get_ptr_mod()) - { - if(lhs.get_p() != rhs.get_p()) - { - return false; - } - } + if(lhs.get_p() != rhs.get_p()) + return false; + // so the modulus is equal, now check the values bool use_mres = GFpElement::align_operands_res(lhs, rhs); diff --git a/src/math/gfpmath/gfp_element.h b/src/math/gfpmath/gfp_element.h index 84009ef12..fd76516b5 100644 --- a/src/math/gfpmath/gfp_element.h +++ b/src/math/gfpmath/gfp_element.h @@ -2,6 +2,7 @@ * Arithmetic for prime fields GF(p) * * (C) 2007 Martin Doering, Christoph Ludwig, Falko Strenzke +* 2009-2010 Jack Lloyd * * Distributed under the terms of the Botan license */ @@ -13,14 +14,6 @@ #include <botan/gfp_modulus.h> #include <iosfwd> -#if defined(BOTAN_USE_STD_TR1) - #include <tr1/memory> -#elif defined(BOTAN_USE_BOOST_TR1) - #include <boost/tr1/memory.hpp> -#else - #error "Please choose a TR1 implementation in build.h" -#endif - namespace Botan { struct BOTAN_DLL Illegal_Transformation : public Exception 
@@ -45,47 +38,11 @@ class BOTAN_DLL GFpElement * @param value the element value * @param use_montgm whether this object will use Montgomery multiplication */ - explicit GFpElement (const BigInt& p, const BigInt& value, bool use_montgm = false); - - - /** construct an element of GF(p) with the given value (defaults - * to 0). use_montg defaults to false and determines wether - * montgomery multiplications will be use when applying operators - * '*' , '*='. Use this constructor for efficient use of - * Montgomery multiplication in a context with a fixed a modulus. - * Warning: do not use this function unless you know in detail - * about the implications of using the shared GFpModulus objects! - * @param mod shared pointer to the GFpModulus to be shared - * @param value the element value - * @param use_montgm whether this object will use Montgomery multiplication - */ - explicit GFpElement(std::tr1::shared_ptr<GFpModulus> const mod, - const BigInt& value, bool use_mongm = false); - - /** - * Copy constructor - * @param other The element to clone - */ - GFpElement(const GFpElement& other); - - /** - * Assignment operator. - * makes *this a totally independent object - * (gives *this independent modulus specific values). + GFpElement(const BigInt& p, const BigInt& value, bool use_montgm = false); - * @param other The element to assign to our object - */ - const GFpElement& operator=(const GFpElement& other); + // GFpElement(const GFpElement& other) = default; - /** - * Works like the assignment operator, but lets - * *this share the modulus dependend value with other. - * Warning: do not use this function unless you know in detail about - * the implications of using - * the shared GFpModulus objects! - * @param other The element to assign to our object - */ - void share_assign(const GFpElement& other); + // const GFpElement& operator=(const GFpElement& other) = default; /** * Switch Montgomery multiplcation optimizations ON 
@@ -129,7 +86,7 @@ class BOTAN_DLL GFpElement * @param rhs the value to multiply with the local value * @result *this */ - GFpElement& operator*= (u32bit rhs); + GFpElement& operator*=(u32bit rhs); /** * Negate internal value(*this *= -1 ) @@ -163,28 +120,6 @@ class BOTAN_DLL GFpElement */ const BigInt& get_value() const; - /** - * Returns the shared pointer to the GFpModulus of *this. - * Warning: do not use this function unless you know in detail about - * the implications of using - * the shared GFpModulus objects! - * @result the shared pointer to the GFpModulus of *this - */ - inline std::tr1::shared_ptr<GFpModulus> const get_ptr_mod() const - { - return mp_mod; - } - - - /** - * Sets the shared pointer to the GFpModulus of *this. - * Warning: do not use this function unless you know in detail about - * the implications of using - * the shared GFpModulus objects! - * @param mod a shared pointer to a GFpModulus that will be held in *this - */ - void set_shrd_mod(std::tr1::shared_ptr<GFpModulus> const mod); - /** * Tells whether this GFpElement is currently transformed to it´ m-residue, * i.e. in the form x_bar = x * r mod m. @@ -233,16 +168,12 @@ class BOTAN_DLL GFpElement void trf_to_mres() const; void trf_to_ordres() const; - std::tr1::shared_ptr<GFpModulus> mp_mod; + mutable GFpModulus modulus; mutable BigInt m_value; // ordinary residue or m-residue respectively - mutable BigInt workspace; // data members for montgomery multiplication mutable bool m_use_montgm; - //mutable BigInt m_mres; - // this bool tells use whether the m_mres carries - // the actual value (in this case mValue doesn´t) - mutable bool m_is_trf; + mutable bool m_is_trf; // if m_value is montgomery }; // relational operators 
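Review bot: `mutable GFpModulus modulus;` in the last hunk deserves a comment saying why the whole modulus is mutable, because mutability on a modulus reads as a mistake: `ensure_montgm_precomp() const` fills in r, r_inv and p_dash lazily through `modulus.reset_values(...)`, and reset_values does not touch p. Suggested: `mutable GFpModulus modulus; // mutable only so const members can lazily fill in the Montgomery precomputation (r, r_inv, p_dash)`. The trailing comment on m_is_trf, `// if m_value is montgomery`, would be clearer as `// true while m_value holds the m-residue x*r mod p`, matching the wording of the is_trf_to_mres() doc above.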
@@ -259,8 +190,8 @@ GFpElement BOTAN_DLL operator-(const GFpElement& lhs); GFpElement BOTAN_DLL operator*(const GFpElement& lhs, const GFpElement& rhs); GFpElement BOTAN_DLL operator/(const GFpElement& lhs, const GFpElement& rhs); -GFpElement BOTAN_DLL operator* (const GFpElement& lhs, u32bit rhs); -GFpElement BOTAN_DLL operator* (u32bit rhs, const GFpElement& lhs); +GFpElement BOTAN_DLL operator*(const GFpElement& lhs, u32bit rhs); +GFpElement BOTAN_DLL operator*(u32bit rhs, const GFpElement& lhs); /** diff --git a/src/math/gfpmath/gfp_modulus.h b/src/math/gfpmath/gfp_modulus.h index ace42b27d..fcdd13ee1 100644 --- a/src/math/gfpmath/gfp_modulus.h +++ b/src/math/gfpmath/gfp_modulus.h @@ -22,22 +22,26 @@ class GFpElement; class BOTAN_DLL GFpModulus { public: + /** * Construct a GF(P)-Modulus from a BigInt */ - GFpModulus(BigInt p) + GFpModulus(const BigInt& p) : m_p(p), m_p_dash(), m_r(), m_r_inv() {} + // GFpModulus(const GFpModulus& other) = default; + // GFpModulus& operator=(const GFpModulus& other) = default; + /** * Tells whether the precomputations necessary for the use of the * montgomery multiplication have yet been established. * @result true if the precomputated value are already available. */ - inline bool has_precomputations() const + bool has_precomputations() const { return(!m_p_dash.is_zero() && !m_r.is_zero() && !m_r_inv.is_zero()); } @@ -46,12 +50,12 @@ class BOTAN_DLL GFpModulus * Swaps this with another GFpModulus, does not throw. * @param other the GFpModulus to swap *this with. */ - inline void swap(GFpModulus& other) + void swap(GFpModulus& other) { - m_p.swap(other.m_p); - m_p_dash.swap(other.m_p_dash); - m_r.swap(other.m_r); - m_r_inv.swap(other.m_r_inv); + std::swap(m_p, other.m_p); + std::swap(m_p_dash, other.m_p_dash); + std::swap(m_r, other.m_r); + std::swap(m_r_inv, other.m_r_inv); } /** 
@@ -59,7 +63,7 @@ class BOTAN_DLL GFpModulus * @param mod the modulus to compare this with * @result true if the modulus of *this and the argument are equal. */ - inline bool p_equal_to(const BigInt& mod) const + bool p_equal_to(const BigInt& mod) const { return (m_p == mod); } @@ -68,7 +72,7 @@ class BOTAN_DLL GFpModulus * Return the modulus of this GFpModulus. * @result the modulus of *this. */ - inline const BigInt& get_p() const + const BigInt& get_p() const { return m_p; } @@ -79,7 +83,7 @@ class BOTAN_DLL GFpModulus * performed! * @result r */ - inline const BigInt& get_r() const + const BigInt& get_r() const { return m_r; } @@ -90,7 +94,7 @@ class BOTAN_DLL GFpModulus * performed! * @result r^{-1} */ - inline const BigInt& get_r_inv() const + const BigInt& get_r_inv() const { return m_r_inv; } @@ -101,11 +105,10 @@ class BOTAN_DLL GFpModulus * performed! * @result p' */ - inline const BigInt& get_p_dash() const + const BigInt& get_p_dash() const { return m_p_dash; } - // default cp-ctor, op= are fine void reset_values(const BigInt& new_p_dash, const BigInt& new_r, @@ -118,9 +121,9 @@ class BOTAN_DLL GFpModulus private: BigInt m_p; // the modulus itself - mutable BigInt m_p_dash; - mutable BigInt m_r; - mutable BigInt m_r_inv; + BigInt m_p_dash; + BigInt m_r; + BigInt m_r_inv; }; } diff --git a/src/math/gfpmath/info.txt b/src/math/gfpmath/info.txt index a02dbc044..b7b430805 100644 --- a/src/math/gfpmath/info.txt +++ b/src/math/gfpmath/info.txt @@ -1,7 +1,5 @@ define BIGINT_GFP -uses_tr1 yes - <header:public> curve_gfp.h gfp_element.h diff --git a/src/math/gfpmath/point_gfp.cpp b/src/math/gfpmath/point_gfp.cpp index 4203a3db3..c57ceebba 100644 --- a/src/math/gfpmath/point_gfp.cpp +++ b/src/math/gfpmath/point_gfp.cpp 
@@ -13,87 +13,50 @@ namespace Botan { // construct the point at infinity or a random point -PointGFp::PointGFp(const CurveGFp& curve) - : mC(curve), - mX(curve.get_p(), 0), - mY(curve.get_p(), 1), - mZ(curve.get_p(), 0), - mZpow2(curve.get_p(),0), - mZpow3(curve.get_p(),0), - mAZpow4(curve.get_p(),0), - mZpow2_set(false), - mZpow3_set(false), - mAZpow4_set(false) +PointGFp::PointGFp(const CurveGFp& curve) : + mC(curve), + mX(curve.get_p(), 0), + mY(curve.get_p(), 1), + mZ(curve.get_p(), 0), + mZpow2(curve.get_p(),0), + mZpow3(curve.get_p(),0), + mAZpow4(curve.get_p(),0), + mZpow2_set(false), + mZpow3_set(false), + mAZpow4_set(false) { - // first set the point wide pointer - - set_shrd_mod(mC.get_ptr_mod()); - } // construct a point given its jacobian projective coordinates PointGFp::PointGFp(const CurveGFp& curve, const GFpElement& x, - const GFpElement& y, const GFpElement& z) - : mC(curve), - mX(x), - mY(y), - mZ(z), - mZpow2(curve.get_p(),0), - mZpow3(curve.get_p(),0), - mAZpow4(curve.get_p(),0), - mZpow2_set(false), - mZpow3_set(false), - mAZpow4_set(false) - { - set_shrd_mod(mC.get_ptr_mod()); - } -PointGFp::PointGFp ( const CurveGFp& curve, const GFpElement& x, - const GFpElement& y ) - :mC(curve), - mX(x), - mY(y), - mZ(curve.get_p(),1), - mZpow2(curve.get_p(),0), - mZpow3(curve.get_p(),0), - mAZpow4(curve.get_p(),0), - mZpow2_set(false), - mZpow3_set(false), - mAZpow4_set(false) - { - set_shrd_mod(mC.get_ptr_mod()); - } - -// copy constructor -PointGFp::PointGFp(const PointGFp& other) - : mC(other.mC), - mX(other.mX), - mY(other.mY), - mZ(other.mZ), - mZpow2(other.mZpow2), - mZpow3(other.mZpow3), - mAZpow4(other.mAZpow4), - mZpow2_set(other.mZpow2_set), - mZpow3_set(other.mZpow3_set), - mAZpow4_set(other.mAZpow4_set) + const GFpElement& y, const GFpElement& z) : + mC(curve), + mX(x), + mY(y), + mZ(z), + mZpow2(curve.get_p(),0), + mZpow3(curve.get_p(),0), + mAZpow4(curve.get_p(),0), + mZpow2_set(false), + mZpow3_set(false), + mAZpow4_set(false) + { + } + 
+PointGFp::PointGFp(const CurveGFp& curve, + const GFpElement& x, + const GFpElement& y) : + mC(curve), + mX(x), + mY(y), + mZ(curve.get_p(),1), + mZpow2(curve.get_p(),0), + mZpow3(curve.get_p(),0), + mAZpow4(curve.get_p(),0), + mZpow2_set(false), + mZpow3_set(false), + mAZpow4_set(false) { - set_shrd_mod(mC.get_ptr_mod()); - } - -// assignment operator -const PointGFp& PointGFp::operator=(PointGFp const& other) - { - mC = other.get_curve(); - mX = other.get_jac_proj_x(); - mY = other.get_jac_proj_y(); - mZ = other.get_jac_proj_z(); - mZpow2 = GFpElement(other.mZpow2); - mZpow3 = GFpElement(other.mZpow3); - mAZpow4 = GFpElement(other.mAZpow4); - mZpow2_set = other.mZpow2_set; - mZpow3_set = other.mZpow3_set; - mAZpow4_set = other.mAZpow4_set; - set_shrd_mod(mC.get_ptr_mod()); - return *this; } const PointGFp& PointGFp::assign_within_same_curve(PointGFp const& other) 
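Review bot: the comment above the first constructor, `// construct the point at infinity or a random point`, no longer describes it: with the body emptied it always builds the point at infinity (X=0, Y=1, Z=0) and nothing random is involved; `// construct the point at infinity (X=0, Y=1, Z=0) on the given curve` is accurate. The three constructors now repeat the same ten-member initializer list verbatim, so a short comment on each naming the one thing that differs (the affine overload fixes Z=1, the projective overload takes z as given) would let a reader spot the line that changes.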
@@ -108,64 +71,25 @@ const PointGFp& PointGFp::assign_within_same_curve(PointGFp const& other) return *this; } -void PointGFp::set_shrd_mod(std::tr1::shared_ptr<GFpModulus> p_mod) - { - mX.set_shrd_mod(p_mod); - mY.set_shrd_mod(p_mod); - mZ.set_shrd_mod(p_mod); - mZpow2.set_shrd_mod(p_mod); - mZpow3.set_shrd_mod(p_mod); - mAZpow4.set_shrd_mod(p_mod); - } - -void PointGFp::ensure_worksp() const - { - if (mp_worksp_gfp_el.get() != 0) - { - if ((*mp_worksp_gfp_el).size() == GFPEL_WKSP_SIZE) - { - return; - } - else - { - throw Invalid_State("encountered incorrect size for PointGFp´s GFpElement workspace"); - } - } - - mp_worksp_gfp_el = std::tr1::shared_ptr<std::vector<GFpElement> >(new std::vector<GFpElement>); - mp_worksp_gfp_el->reserve(9); - for (u32bit i=0; i<GFPEL_WKSP_SIZE; i++) - { - mp_worksp_gfp_el->push_back(GFpElement(1,0)); - - } - } - // arithmetic operators PointGFp& PointGFp::operator+=(const PointGFp& rhs) { - if (is_zero()) + if(is_zero()) { *this = rhs; return *this; } - if (rhs.is_zero()) + if(rhs.is_zero()) { return *this; } - ensure_worksp(); - if (rhs.mZ == *(mC.get_mres_one())) - { - //U1 = mX; - (*mp_worksp_gfp_el)[0].share_assign(mX); + GFpElement U1 = mX; + GFpElement S1 = mY; - //S1 = mY; - (*mp_worksp_gfp_el)[2].share_assign(mY); - } - else + if(rhs.mZ != mC.get_mres_one()) { - if ((!rhs.mZpow2_set) || (!rhs.mZpow3_set)) + if((!rhs.mZpow2_set) || (!rhs.mZpow3_set)) { rhs.mZpow2 = rhs.mZ; rhs.mZpow2 *= rhs.mZ; 
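Review bot: `GFpElement U1 = mX;` and `GFpElement S1 = mY;` at the top of the rewritten body (U2, S2, H, r, x and z follow in the next hunks) each copy a whole GFpElement, which after this commit embeds its own GFpModulus, i.e. p, r, r_inv and p_dash, so every temporary copies four extra BigInts that the removed workspace vector shared through one modulus. The rewrite is far more readable than the indexed workspace, but operator+= is presumably on the scalar-multiplication path, so the change deserves a before/after timing. If it shows, keeping this body as written and moving the precomputed values back behind one curve-owned, immutable GFpModulus would remove the copies without bringing back the indexed workspace.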
@@ -175,26 +99,17 @@ PointGFp& PointGFp::operator+=(const PointGFp& rhs) rhs.mZpow2_set = true; rhs.mZpow3_set = true; } - //U1 = mX * rhs.mZpow2; - (*mp_worksp_gfp_el)[0].share_assign(mX); - (*mp_worksp_gfp_el)[0] *= rhs.mZpow2; - - //S1 = mY * rhs.mZpow3; - (*mp_worksp_gfp_el)[2].share_assign(mY); - (*mp_worksp_gfp_el)[2] *= rhs.mZpow3; + U1 *= rhs.mZpow2; + S1 *= rhs.mZpow3; } - if (mZ == *(mC.get_mres_one())) - { - //U2 = rhs.mX; - (*mp_worksp_gfp_el)[1].share_assign(rhs.mX); - //S2 = rhs.mY; - (*mp_worksp_gfp_el)[3].share_assign(rhs.mY); - } - else + GFpElement U2 = rhs.mX; + GFpElement S2 = rhs.mY; + + if(mZ != mC.get_mres_one()) { - if ((!mZpow2_set) || (!mZpow3_set)) + if((!mZpow2_set) || (!mZpow3_set)) { // precomputation can´t be used, because *this changes anyway mZpow2 = mZ; 
@@ -203,105 +118,60 @@ PointGFp& PointGFp::operator+=(const PointGFp& rhs) mZpow3 = mZpow2; mZpow3 *= mZ; } - //U2 = rhs.mX * mZpow2; - (*mp_worksp_gfp_el)[1].share_assign(rhs.mX); - (*mp_worksp_gfp_el)[1] *= mZpow2; - - //S2 = rhs.mY * mZpow3; - (*mp_worksp_gfp_el)[3].share_assign(rhs.mY); - (*mp_worksp_gfp_el)[3] *= mZpow3; + U2 *= mZpow2; + S2 *= mZpow3; } - //GFpElement H(U2 - U1); - - (*mp_worksp_gfp_el)[4].share_assign((*mp_worksp_gfp_el)[1]); - (*mp_worksp_gfp_el)[4] -= (*mp_worksp_gfp_el)[0]; - //GFpElement r(S2 - S1); - (*mp_worksp_gfp_el)[5].share_assign((*mp_worksp_gfp_el)[3]); - (*mp_worksp_gfp_el)[5] -= (*mp_worksp_gfp_el)[2]; - - //if(H.is_zero()) - if ((*mp_worksp_gfp_el)[4].is_zero()) + GFpElement H(U2 - U1); + GFpElement r(S2 - S1); + if(H.is_zero()) { - if ((*mp_worksp_gfp_el)[5].is_zero()) - + if(r.is_zero()) { mult2_in_place(); return *this; } + *this = PointGFp(mC); // setting myself to zero return *this; } - //U2 = H * H; - (*mp_worksp_gfp_el)[1].share_assign((*mp_worksp_gfp_el)[4]); - (*mp_worksp_gfp_el)[1] *= (*mp_worksp_gfp_el)[4]; + U2 = H * H; - //S2 = U2 * H; - (*mp_worksp_gfp_el)[3].share_assign((*mp_worksp_gfp_el)[1]); - (*mp_worksp_gfp_el)[3] *= (*mp_worksp_gfp_el)[4]; + S2 = U2 * H; - //U2 *= U1; - (*mp_worksp_gfp_el)[1] *= (*mp_worksp_gfp_el)[0]; + U2 *= U1; - //GFpElement x(r*r - S2 - (U2+U2)); - (*mp_worksp_gfp_el)[6].share_assign((*mp_worksp_gfp_el)[5]); - (*mp_worksp_gfp_el)[6] *= (*mp_worksp_gfp_el)[5]; - (*mp_worksp_gfp_el)[6] -= (*mp_worksp_gfp_el)[3]; - (*mp_worksp_gfp_el)[6] -= (*mp_worksp_gfp_el)[1]; - (*mp_worksp_gfp_el)[6] -= (*mp_worksp_gfp_el)[1]; + GFpElement x(r*r - S2 - (U2+U2)); - //GFpElement z(S1 * S2); - (*mp_worksp_gfp_el)[8].share_assign((*mp_worksp_gfp_el)[2]); - (*mp_worksp_gfp_el)[8] *= (*mp_worksp_gfp_el)[3]; + GFpElement z(S1 * S2); - //GFpElement y(r * (U2-x) - z); - (*mp_worksp_gfp_el)[7].share_assign((*mp_worksp_gfp_el)[1]); - (*mp_worksp_gfp_el)[7] -= (*mp_worksp_gfp_el)[6]; - (*mp_worksp_gfp_el)[7] 
*= (*mp_worksp_gfp_el)[5]; - (*mp_worksp_gfp_el)[7] -= (*mp_worksp_gfp_el)[8]; + GFpElement y(r * (U2-x) - z); - if (mZ == *(mC.get_mres_one())) + if(mZ == mC.get_mres_one()) { - if (rhs.mZ != *(mC.get_mres_one())) - { - //z = rhs.mZ * H; - (*mp_worksp_gfp_el)[8].share_assign(rhs.mZ); - (*mp_worksp_gfp_el)[8] *= (*mp_worksp_gfp_el)[4]; - } + if(rhs.mZ != mC.get_mres_one()) + z = rhs.mZ * H; else - { - //z = H; - (*mp_worksp_gfp_el)[8].share_assign((*mp_worksp_gfp_el)[4]); - } + z = H; } - else if (rhs.mZ != *(mC.get_mres_one())) + else if(rhs.mZ != mC.get_mres_one()) { - //U1 = mZ * rhs.mZ; - (*mp_worksp_gfp_el)[0].share_assign(mZ); - (*mp_worksp_gfp_el)[0] *= rhs.mZ; - - //z = U1 * H; - (*mp_worksp_gfp_el)[8].share_assign((*mp_worksp_gfp_el)[0]); - (*mp_worksp_gfp_el)[8] *= (*mp_worksp_gfp_el)[4]; - + U1 = mZ * rhs.mZ; + z = U1 * H; } else - { - //z = mZ * H; - (*mp_worksp_gfp_el)[8].share_assign(mZ); - (*mp_worksp_gfp_el)[8] *= (*mp_worksp_gfp_el)[4]; + z = mZ * H; - } mZpow2_set = false; mZpow3_set = false; mAZpow4_set = false; - mX = (*mp_worksp_gfp_el)[6]; - mY = (*mp_worksp_gfp_el)[7]; - mZ = (*mp_worksp_gfp_el)[8]; + mX = x; + mY = y; + mZ = z; return *this; @@ -310,7 +180,7 @@ PointGFp& PointGFp::operator-=(const PointGFp& rhs) { PointGFp minus_rhs = PointGFp(rhs).negate(); - if (is_zero()) + if(is_zero()) { *this = minus_rhs; } @@ -336,23 +206,22 @@ PointGFp& PointGFp::mult_this_secure(const BigInt& scalar, // use montgomery mult. in this operation this->turn_on_sp_red_mul(); - std::tr1::shared_ptr<PointGFp> H(new PointGFp(this->mC)); - std::tr1::shared_ptr<PointGFp> tmp; // used for AADA + PointGFp H(mC); PointGFp P(*this); BigInt m(scalar); - if (m < BigInt(0)) + if(m < BigInt(0)) { m = -m; P.negate(); } - if (P.is_zero() || (m == BigInt(0))) + if(P.is_zero() || (m == BigInt(0))) { - *this = *H; + *this = H; return *this; } - if (m == BigInt(1)) + if(m == BigInt(1)) { return *this; } 
@@ -378,7 +247,7 @@ PointGFp& PointGFp::mult_this_secure(const BigInt& scalar, // use randomized exponent #ifdef TA_COLL_T static BigInt r_randexp; - if (new_rand) + if(new_rand) { r_randexp = random_integer(rand_r_bit_len); } @@ -405,23 +274,24 @@ PointGFp& PointGFp::mult_this_secure(const BigInt& scalar, #endif // CM_RAND_EXP // determine mul_bits... -#if (CM_AADA == 1 && CM_RAND_EXP != 1) +#if(CM_AADA == 1 && CM_RAND_EXP != 1) mul_bits = max_secr_bits; #endif // CM_AADA without CM_RAND_EXP //assert(mul_bits != 0); + mult_loop(mul_bits-1, m, H, P); - H = mult_loop(mul_bits-1, m, H, tmp, P); - - if (!H->is_zero()) // cannot convert if H == O + if(!H.is_zero()) // cannot convert if H == O { - *this = H->get_z_to_one(); - }else + *this = H.get_z_to_one(); + } + else { - *this = *H; + *this = H; } + mX.turn_off_sp_red_mul(); mY.turn_off_sp_red_mul(); mZ.turn_off_sp_red_mul(); @@ -439,34 +309,34 @@ PointGFp& PointGFp::operator*=(const BigInt& scalar) PointGFp P(*this); P.turn_on_sp_red_mul(); BigInt m(scalar); - if (m < BigInt(0)) + if(m < BigInt(0)) { m = -m; P.negate(); } - if (P.is_zero() || (m == BigInt(0))) + if(P.is_zero() || (m == BigInt(0))) { *this = H; return *this; } - if (m == BigInt(1)) + if(m == BigInt(1)) { //*this == P already return *this; } const int l = m.bits() - 1; - for (int i=l; i >=0; i--) + for(int i=l; i >=0; i--) { H.mult2_in_place(); - if (m.get_bit(i)) + if(m.get_bit(i)) { H += P; } } - if (!H.is_zero()) // cannot convert if H == O + if(!H.is_zero()) // cannot convert if H == O { *this = H.get_z_to_one(); }else 
@@ -476,60 +346,23 @@ PointGFp& PointGFp::operator*=(const BigInt& scalar) return *this; } -inline std::tr1::shared_ptr<PointGFp> PointGFp::mult_loop(int l, - const BigInt& m, - std::tr1::shared_ptr<PointGFp> H, - std::tr1::shared_ptr<PointGFp> tmp, - const PointGFp& P) +void PointGFp::mult_loop(int l, + const BigInt& m, + PointGFp& H, + const PointGFp& P) { - //assert(l >= (int)m.bits()- 1); - tmp = H; - std::tr1::shared_ptr<PointGFp> to_add(new PointGFp(P)); // we just need some point - // so that we can use op= - // inside the loop - for (int i=l; i >=0; i--) + for(int i=l; i >=0; i--) { - H->mult2_in_place(); - -#ifndef CM_AADA - - if (m.get_bit(i)) - { - *H += P; - } -#else // (CM_AADA is in) - - if (H.get() == to_add.get()) - { - to_add = tmp; // otherwise all pointers might point to the same object - // and we always need two objects to be able to switch around - } - to_add->assign_within_same_curve(*H); - tmp = H; - *tmp += P; // tmp already points to H - - if (m.get_bit(i)) - { - H = tmp; // NOTE: assign the pointer, not the value! - // (so that the operation is fast and thus as difficult - // to detect as possible) - } - else - { - H = to_add; // NOTE: this is necessary, because the assignment - // "*tmp = ..." already changed what H pointed to - - - } -#endif // CM_AADA + H.mult2_in_place(); + if(m.get_bit(i)) + H += P; } - return H; } PointGFp& PointGFp::negate() { - if (!is_zero()) + if(!is_zero()) { mY.negate(); } 
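Review bot: The rewritten mult_loop drops the CM_AADA add-and-double-always branch and leaves a loop whose control flow depends on the scalar, `if(m.get_bit(i)) H += P;`, so its caller mult_this_secure no longer performs a uniform sequence of point operations despite its name. From this hunk alone it is not clear what protection remains (the CM_RAND_EXP scalar blinding lives outside it), so the header comment on mult_this_secure should state what the function still guarantees; the later commit on this page, "Remove vestigal code in pointgfp for various side-channel countermeasures", removes the blinding path as well. If the secure variant is meant to differ from operator*=, the removed code's shape — add unconditionally, then select the result by the bit — is the one to keep; otherwise mult_this_secure should document that it is equivalent to operator*=.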
@@ -539,122 +372,71 @@ PointGFp& PointGFp::negate() // *this *= 2 PointGFp& PointGFp::mult2_in_place() { - if (is_zero()) - { + if(is_zero()) return *this; - } - if (mY.is_zero()) + else if(mY.is_zero()) { - *this = PointGFp(mC); // setting myself to zero return *this; } - ensure_worksp(); - (*mp_worksp_gfp_el)[0].share_assign(mY); - (*mp_worksp_gfp_el)[0] *= mY; + GFpElement Y_squared = mY*mY; - //GFpElement S(mX * z); - (*mp_worksp_gfp_el)[1].share_assign(mX); - (*mp_worksp_gfp_el)[1] *= (*mp_worksp_gfp_el)[0]; + GFpElement S = mX * Y_squared; - //GFpElement x(S + S); - (*mp_worksp_gfp_el)[2].share_assign((*mp_worksp_gfp_el)[1]); - (*mp_worksp_gfp_el)[2] += (*mp_worksp_gfp_el)[1]; + GFpElement x = S + S; - //S = x + x; - (*mp_worksp_gfp_el)[1].share_assign((*mp_worksp_gfp_el)[2]); - (*mp_worksp_gfp_el)[1] += (*mp_worksp_gfp_el)[2]; + S = x + x; - if (!mAZpow4_set) + if(!mAZpow4_set) { - if (mZ == *(mC.get_mres_one())) + if(mZ == mC.get_mres_one()) { mAZpow4 = mC.get_mres_a(); mAZpow4_set = true; } else { - if (!mZpow2_set) + if(!mZpow2_set) { mZpow2 = mZ; mZpow2 *= mZ; mZpow2_set = true; } - //x = mZpow2 * mZpow2; - (*mp_worksp_gfp_el)[2].share_assign(mZpow2); - (*mp_worksp_gfp_el)[2] *= mZpow2; - //mAZpow4 = mC.get_mres_a() * x; - mAZpow4 = mC.get_mres_a(); - mAZpow4 *= (*mp_worksp_gfp_el)[2]; + x = mZpow2 * mZpow2; + mAZpow4 = mC.get_mres_a() * x; } - } - //GFpElement y(mX * mX); - (*mp_worksp_gfp_el)[3].share_assign(mX); - (*mp_worksp_gfp_el)[3] *= mX; - - //GFpElement M(y + y + y + mAZpow4); - (*mp_worksp_gfp_el)[4].share_assign((*mp_worksp_gfp_el)[3]); - (*mp_worksp_gfp_el)[4] += (*mp_worksp_gfp_el)[3]; - (*mp_worksp_gfp_el)[4] += (*mp_worksp_gfp_el)[3]; - (*mp_worksp_gfp_el)[4] += mAZpow4; - - //x = M * M - (S+S); - (*mp_worksp_gfp_el)[2].share_assign((*mp_worksp_gfp_el)[4]); - (*mp_worksp_gfp_el)[2] *= (*mp_worksp_gfp_el)[4]; - (*mp_worksp_gfp_el)[2] -= (*mp_worksp_gfp_el)[1]; - (*mp_worksp_gfp_el)[2] -= (*mp_worksp_gfp_el)[1]; - - //y = z * z; - 
(*mp_worksp_gfp_el)[3].share_assign((*mp_worksp_gfp_el)[0]); - (*mp_worksp_gfp_el)[3] *= (*mp_worksp_gfp_el)[0]; - - //GFpElement U(y + y); - (*mp_worksp_gfp_el)[5].share_assign((*mp_worksp_gfp_el)[3]); - (*mp_worksp_gfp_el)[5] += (*mp_worksp_gfp_el)[3]; - - //z = U + U; - (*mp_worksp_gfp_el)[0].share_assign((*mp_worksp_gfp_el)[5]); - (*mp_worksp_gfp_el)[0] += (*mp_worksp_gfp_el)[5]; - - //U = z + z; - (*mp_worksp_gfp_el)[5].share_assign((*mp_worksp_gfp_el)[0]); - (*mp_worksp_gfp_el)[5] += (*mp_worksp_gfp_el)[0]; - - //y = M * (S - x) - U; - (*mp_worksp_gfp_el)[3].share_assign((*mp_worksp_gfp_el)[1]); - (*mp_worksp_gfp_el)[3] -= (*mp_worksp_gfp_el)[2]; - (*mp_worksp_gfp_el)[3] *= (*mp_worksp_gfp_el)[4]; - (*mp_worksp_gfp_el)[3] -= (*mp_worksp_gfp_el)[5]; - - if (mZ != *(mC.get_mres_one())) - { - //z = mY * mZ; - (*mp_worksp_gfp_el)[0].share_assign(mY); - (*mp_worksp_gfp_el)[0] *= mZ; + GFpElement y(mX * mX); - } + GFpElement M(y + y + y + mAZpow4); + + x = M * M - (S+S); + + y = Y_squared * Y_squared; + + GFpElement U(y + y); + + GFpElement z = U + U; + + U = z + z; + + y = M * (S - x) - U; + + if(mZ != mC.get_mres_one()) + z = mY * mZ; else - { - //z = mY; - (*mp_worksp_gfp_el)[0].share_assign(mY); + z = mY; - } - //z = z + z; - (*mp_worksp_gfp_el)[6].share_assign((*mp_worksp_gfp_el)[0]); - (*mp_worksp_gfp_el)[0] += (*mp_worksp_gfp_el)[6]; + z = z + z; - //mX = x; - //mY = y; - //mZ = z; - mX = (*mp_worksp_gfp_el)[2]; - mY = (*mp_worksp_gfp_el)[3]; - mZ = (*mp_worksp_gfp_el)[0]; + mX = x; + mY = y; + mZ = z; mZpow2_set = false; mZpow3_set = false; @@ -688,7 +470,7 @@ void PointGFp::turn_on_sp_red_mul() const * Z has value one, i.e. x and y correspond to * their values in affine coordinates */ -PointGFp const PointGFp::get_z_to_one() const +PointGFp PointGFp::get_z_to_one() const { return PointGFp(*this).set_z_to_one(); } 
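Review bot: In mult2_in_place the `else if(mY.is_zero())` branch now returns `*this` unchanged, because the hunk deletes `*this = PointGFp(mC); // setting myself to zero` but keeps the `return *this;` that followed it; a point with y = 0 has order 2, so doubling it must yield the point at infinity, and the new code instead returns the point itself. Restore the assignment: `else if(mY.is_zero()) { *this = PointGFp(mC); return *this; }`. The function's closing lines (after the `mZpow3_set = false;` reset) are outside the hunk, but the fix is local to this branch.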
@@ -701,7 +483,7 @@ PointGFp const PointGFp::get_z_to_one() const */ const PointGFp& PointGFp::set_z_to_one() const { - if (!(mZ.get_value() == BigInt(1)) && !(mZ.get_value() == BigInt(0))) + if(!(mZ.get_value() == BigInt(1)) && !(mZ.get_value() == BigInt(0))) { GFpElement z = inverse(mZ); GFpElement z2 = z * z; @@ -714,7 +496,7 @@ const PointGFp& PointGFp::set_z_to_one() const } else { - if (mZ.get_value() == BigInt(0)) + if(mZ.get_value() == BigInt(0)) { throw Illegal_Transformation("cannot convert Z to one"); } @@ -722,58 +504,39 @@ const PointGFp& PointGFp::set_z_to_one() const return *this; // mZ = 1 already } -const CurveGFp PointGFp::get_curve() const - { - return mC; - } - -GFpElement const PointGFp::get_affine_x() const +GFpElement PointGFp::get_affine_x() const { - - if (is_zero()) - { + if(is_zero()) throw Illegal_Transformation("cannot convert to affine"); - } - /*if(!mZpow2_set) - {*/ mZpow2 = mZ * mZ; mZpow2_set = true; - //} - //assert(mZpow2 == mZ*mZ); GFpElement z2 = mZpow2; return mX * z2.inverse_in_place(); } -GFpElement const PointGFp::get_affine_y() const +GFpElement PointGFp::get_affine_y() const { - - if (is_zero()) - { + if(is_zero()) throw Illegal_Transformation("cannot convert to affine"); - } - /*if(!mZpow3_set ) - {*/ mZpow3 = mZ * mZ * mZ; mZpow3_set = true; - //} - //assert(mZpow3 == mZ * mZ *mZ); GFpElement z3 = mZpow3; return mY * z3.inverse_in_place(); } -GFpElement const PointGFp::get_jac_proj_x() const +GFpElement PointGFp::get_jac_proj_x() const { return GFpElement(mX); } -GFpElement const PointGFp::get_jac_proj_y() const +GFpElement PointGFp::get_jac_proj_y() const { return GFpElement(mY); } -GFpElement const PointGFp::get_jac_proj_z() const +GFpElement PointGFp::get_jac_proj_z() const { return GFpElement(mZ); } 
@@ -794,14 +557,14 @@ bool PointGFp::is_zero() const void PointGFp::check_invariants() const { - if (is_zero()) + if(is_zero()) { return; } const GFpElement y2 = mY * mY; const GFpElement x3 = mX * mX * mX; - if (mZ.get_value() == BigInt(1)) + if(mZ.get_value() == BigInt(1)) { GFpElement ax = mC.get_a() * mX; if(y2 != (x3 + ax + mC.get_b())) @@ -820,7 +583,7 @@ void PointGFp::check_invariants() const const GFpElement aXZ4 = mAZpow4 * mX; const GFpElement bZ6 = mC.get_b() * mZpow3 * mZpow3; - if (y2 != (x3 + aXZ4 + bZ6)) + if(y2 != (x3 + aXZ4 + bZ6)) throw Illegal_Point(); } @@ -846,11 +609,11 @@ PointGFp mult2(const PointGFp& point) bool operator==(const PointGFp& lhs, PointGFp const& rhs) { - if (lhs.is_zero() && rhs.is_zero()) + if(lhs.is_zero() && rhs.is_zero()) { return true; } - if ((lhs.is_zero() && !rhs.is_zero()) || (!lhs.is_zero() && rhs.is_zero())) + if((lhs.is_zero() && !rhs.is_zero()) || (!lhs.is_zero() && rhs.is_zero())) { return false; } @@ -906,16 +669,16 @@ PointGFp mult_point_secure(const PointGFp& point, const BigInt& scalar, SecureVector<byte> EC2OSP(const PointGFp& point, byte format) { SecureVector<byte> result; - if (format == PointGFp::UNCOMPRESSED) + if(format == PointGFp::UNCOMPRESSED) { result = encode_uncompressed(point); } - else if (format == PointGFp::COMPRESSED) + else if(format == PointGFp::COMPRESSED) { result = encode_compressed(point); } - else if (format == PointGFp::HYBRID) + else if(format == PointGFp::HYBRID) { result = encode_hybrid(point); } @@ -929,7 +692,7 @@ SecureVector<byte> encode_compressed(const PointGFp& point) { - if (point.is_zero()) + if(point.is_zero()) { SecureVector<byte> result (1); result[0] = 0; @@ -938,7 +701,7 @@ SecureVector<byte> encode_compressed(const PointGFp& point) } u32bit l = point.get_curve().get_p().bits(); int dummy = l & 7; - if (dummy != 0) + if(dummy != 0) { l += 8 - dummy; } 
@@ -949,7 +712,7 @@ SecureVector<byte> encode_compressed(const PointGFp& point) SecureVector<byte> bX = BigInt::encode_1363(x, l); result.copy(1, bX.begin(), bX.size()); BigInt y = point.get_affine_y().get_value(); - if (y.get_bit(0)) + if(y.get_bit(0)) { result[0] |= 1; } @@ -959,7 +722,7 @@ SecureVector<byte> encode_compressed(const PointGFp& point) SecureVector<byte> encode_uncompressed(const PointGFp& point) { - if (point.is_zero()) + if(point.is_zero()) { SecureVector<byte> result (1); result[0] = 0; @@ -967,7 +730,7 @@ SecureVector<byte> encode_uncompressed(const PointGFp& point) } u32bit l = point.get_curve().get_p().bits(); int dummy = l & 7; - if (dummy != 0) + if(dummy != 0) { l += 8 - dummy; } @@ -986,7 +749,7 @@ SecureVector<byte> encode_uncompressed(const PointGFp& point) SecureVector<byte> encode_hybrid(const PointGFp& point) { - if (point.is_zero()) + if(point.is_zero()) { SecureVector<byte> result (1); result[0] = 0; @@ -994,7 +757,7 @@ SecureVector<byte> encode_hybrid(const PointGFp& point) } u32bit l = point.get_curve().get_p().bits(); int dummy = l & 7; - if (dummy != 0) + if(dummy != 0) { l += 8 - dummy; } @@ -1007,7 +770,7 @@ SecureVector<byte> encode_hybrid(const PointGFp& point) SecureVector<byte> bY = BigInt::encode_1363(y, l); result.copy(1, bX.begin(), bX.size()); result.copy(l+1, bY.begin(), bY.size()); - if (y.get_bit(0)) + if(y.get_bit(0)) { result[0] |= 1; } @@ -1016,7 +779,7 @@ SecureVector<byte> encode_hybrid(const PointGFp& point) PointGFp OS2ECP(MemoryRegion<byte> const& os, const CurveGFp& curve) { - if (os.size() == 1 && os[0] == 0) + if(os.size() == 1 && os[0] == 0) { return PointGFp(curve); // return zero } 
@@ -1072,7 +835,7 @@ PointGFp OS2ECP(MemoryRegion<byte> const& os, const CurveGFp& curve) bX.copy(os.begin() + 1, l); bY.copy(os.begin()+1+l, l); yMod2 = (pc & 0x01) == 1; - if (!(PointGFp::decompress(yMod2, x, curve) == y)) + if(!(PointGFp::decompress(yMod2, x, curve) == y)) { throw Illegal_Point("error during decoding hybrid format"); } @@ -1107,7 +870,7 @@ GFpElement PointGFp::decompress(bool yMod2, const GFpElement& x, throw Illegal_Point("error during decompression"); bool zMod2 = z.get_bit(0); - if ((zMod2 && ! yMod2) || (!zMod2 && yMod2)) + if((zMod2 && ! yMod2) || (!zMod2 && yMod2)) { z = curve.get_p() - z; } diff --git a/src/math/gfpmath/point_gfp.h b/src/math/gfpmath/point_gfp.h index 0c7bb8428..1e47fa783 100644 --- a/src/math/gfpmath/point_gfp.h +++ b/src/math/gfpmath/point_gfp.h @@ -2,7 +2,7 @@ * Arithmetic for point groups of elliptic curves over GF(p) * * (C) 2007 Martin Doering, Christoph Ludwig, Falko Strenzke -* 2008 Jack Lloyd +* 2008-2010 Jack Lloyd * * Distributed under the terms of the Botan license */ @@ -11,9 +11,6 @@ #define BOTAN_POINT_GFP_H__ #include <botan/curve_gfp.h> -#include <botan/gfp_element.h> -#include <botan/bigint.h> -#include <botan/exceptn.h> #include <vector> namespace Botan { @@ -24,7 +21,7 @@ struct BOTAN_DLL Illegal_Point : public Exception }; /** -* This class represents one point on a curve of GF(p). +* This class represents one point on a curve of GF(p) */ class BOTAN_DLL PointGFp { @@ -48,7 +45,7 @@ class BOTAN_DLL PointGFp * Construct the point O * @param curve The base curve */ - explicit PointGFp(const CurveGFp& curve); + PointGFp(const CurveGFp& curve); /** * Construct a point given its affine coordinates 
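Review bot: The point_gfp.h hunk `@@ -48,7 +45,7` drops `explicit` from the single-argument constructor `PointGFp(const CurveGFp& curve);`, which constructs the point at infinity; without `explicit`, a CurveGFp converts implicitly to a PointGFp wherever a point is expected, so a curve passed by mistake silently becomes O instead of failing to compile. Keep `explicit PointGFp(const CurveGFp& curve);` — the multi-argument constructors in the following hunks lose nothing by dropping the keyword under C++03, but the one-argument form does.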
@@ -56,8 +53,9 @@ class BOTAN_DLL PointGFp * @param x affine x coordinate * @param y affine y coordinate */ - explicit PointGFp(const CurveGFp& curve, GFpElement const& x, - GFpElement const& y); + PointGFp(const CurveGFp& curve, + const GFpElement& x, + const GFpElement& y); /** * Construct a point given its jacobian projective coordinates @@ -66,20 +64,13 @@ class BOTAN_DLL PointGFp * @param y jacobian projective y coordinate * @param z jacobian projective y coordinate */ - explicit PointGFp(const CurveGFp& curve, GFpElement const& x, - GFpElement const& y, GFpElement const& z); + PointGFp(const CurveGFp& curve, + const GFpElement& x, + const GFpElement& y, + const GFpElement& z); - /** - * copy constructor - * @param other the value to clone - */ - PointGFp(const PointGFp& other); - - /** - * assignment operator - * @param other The point to use as source for the assignment - */ - const PointGFp& operator=(const PointGFp& other); + //PointGFp(const PointGFp& other) = default; + //PointGFp& operator=(const PointGFp& other) = default; /** * assign another point which is on the same curve as *this @@ -87,8 +78,6 @@ class BOTAN_DLL PointGFp */ const PointGFp& assign_within_same_curve(const PointGFp& other); - - /** * += Operator * @param rhs the PointGFp to add to the local value @@ -126,8 +115,7 @@ class BOTAN_DLL PointGFp */ PointGFp& mult_this_secure(const BigInt& scalar, const BigInt& point_order, - const BigInt& max_secr - ); + const BigInt& max_secr); /** * Negate internal value(*this *= -1 ) 
@@ -162,43 +150,43 @@ class BOTAN_DLL PointGFp * thus x and y have just the affine values. * @result *this */ - PointGFp const get_z_to_one() const; + PointGFp get_z_to_one() const; /** * Return base curve of this point * @result the curve over GF(p) of this point */ - CurveGFp const get_curve() const; + const CurveGFp& get_curve() const { return mC; } /** * get affine x coordinate * @result affine x coordinate */ - GFpElement const get_affine_x() const; + GFpElement get_affine_x() const; /** * get affine y coordinate * @result affine y coordinate */ - GFpElement const get_affine_y() const; + GFpElement get_affine_y() const; /** * get the jacobian projective x coordinate * @result jacobian projective x coordinate */ - GFpElement const get_jac_proj_x() const; + GFpElement get_jac_proj_x() const; /** * get the jacobian projective y coordinate * @result jacobian projective y coordinate */ - GFpElement const get_jac_proj_y() const; + GFpElement get_jac_proj_y() const; /** * get the jacobian projective z coordinate * @result jacobian projective z coordinate */ - GFpElement const get_jac_proj_z() const; + GFpElement get_jac_proj_z() const; /** * Is this the point at infinity? 
@@ -214,36 +202,16 @@ class BOTAN_DLL PointGFp */ void check_invariants() const; - /** - * swaps the states of *this and other, does not throw! + * swaps the states of *this and other, does not throw! * @param other the object to swap values with */ void swap(PointGFp& other); - /** - * Sets the shared pointer to the GFpModulus that will be - * held in *this, specifically the various members of *this. - * Warning: do not use this function unless you know in detail about - * the implications of using - * the shared GFpModulus objects! - * Do NOT spread a shared pointer to GFpModulus over different - * threads! - * @param mod a shared pointer to a GFpModulus that will - * be held in the members *this - */ - void set_shrd_mod(std::tr1::shared_ptr<GFpModulus> p_mod); - static GFpElement decompress(bool yMod2, GFpElement const& x, const CurveGFp& curve); private: - static const u32bit GFPEL_WKSP_SIZE = 9; - void ensure_worksp() const; - - inline std::tr1::shared_ptr<PointGFp> mult_loop(int l, const BigInt& m, - std::tr1::shared_ptr<PointGFp> H, - std::tr1::shared_ptr<PointGFp> tmp, - const PointGFp& P); + void mult_loop(int l, const BigInt& m, PointGFp& H, const PointGFp& P); CurveGFp mC; mutable GFpElement mX; // NOTE: these values must be mutable (affine<->proj) @@ -255,8 +223,6 @@ class BOTAN_DLL PointGFp mutable bool mZpow2_set; mutable bool mZpow3_set; mutable bool mAZpow4_set; - mutable std::tr1::shared_ptr<std::vector<GFpElement> > mp_worksp_gfp_el; - }; // relational operators -- cgit v1.2.3 From d3ba30e826ad8d541b0e859d79c90db755f04eb0 Mon Sep 17 00:00:00 2001 From: lloyd <lloyd@randombit.net> Date: Tue, 23 Feb 2010 18:20:12 +0000 Subject: Cleanups. Remove PointGFp::mult_loop --- src/math/gfpmath/point_gfp.cpp | 45 +++++++++++++----------------------------- src/math/gfpmath/point_gfp.h | 2 -- 2 files changed, 14 insertions(+), 33 deletions(-) (limited to 'src/math') 
diff --git a/src/math/gfpmath/point_gfp.cpp b/src/math/gfpmath/point_gfp.cpp index c57ceebba..abf4451a6 100644 --- a/src/math/gfpmath/point_gfp.cpp +++ b/src/math/gfpmath/point_gfp.cpp @@ -281,16 +281,18 @@ PointGFp& PointGFp::mult_this_secure(const BigInt& scalar, //assert(mul_bits != 0); - mult_loop(mul_bits-1, m, H, P); + for(int i = mul_bits - 1; i >= 0; i--) + { + H.mult2_in_place(); + + if(m.get_bit(i)) + H += P; + } if(!H.is_zero()) // cannot convert if H == O - { *this = H.get_z_to_one(); - } else - { *this = H; - } mX.turn_off_sp_red_mul(); mY.turn_off_sp_red_mul(); @@ -309,55 +311,36 @@ PointGFp& PointGFp::operator*=(const BigInt& scalar) PointGFp P(*this); P.turn_on_sp_red_mul(); BigInt m(scalar); + if(m < BigInt(0)) { m = -m; P.negate(); } + if(P.is_zero() || (m == BigInt(0))) { *this = H; return *this; } - if(m == BigInt(1)) - { - //*this == P already + + if(m == BigInt(1)) //*this == P already return *this; - } const int l = m.bits() - 1; - for(int i=l; i >=0; i--) + for(int i = l; i >= 0; --i) { - H.mult2_in_place(); if(m.get_bit(i)) - { H += P; - } } if(!H.is_zero()) // cannot convert if H == O - { *this = H.get_z_to_one(); - }else - { + else *this = H; - } - return *this; - } -void PointGFp::mult_loop(int l, - const BigInt& m, - PointGFp& H, - const PointGFp& P) - { - for(int i=l; i >=0; i--) - { - H.mult2_in_place(); - - if(m.get_bit(i)) - H += P; - } + return *this; } PointGFp& PointGFp::negate() diff --git a/src/math/gfpmath/point_gfp.h b/src/math/gfpmath/point_gfp.h index 1e47fa783..5f8231fcb 100644 --- a/src/math/gfpmath/point_gfp.h +++ b/src/math/gfpmath/point_gfp.h @@ -211,8 +211,6 @@ class BOTAN_DLL PointGFp static GFpElement decompress(bool yMod2, GFpElement const& x, const CurveGFp& curve); private: - void mult_loop(int l, const BigInt& m, PointGFp& H, const PointGFp& P); - CurveGFp mC; mutable GFpElement mX; // NOTE: these values must be mutable (affine<->proj) mutable GFpElement mY; -- cgit v1.2.3 
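Review bot: In the operator*= hunk (`@@ -309,55 +311,36`) the `H.mult2_in_place();` line inside the `for(int i = l; i >= 0; --i)` loop is printed with a removal marker and no added replacement, whereas the loop inlined into mult_this_secure in the first hunk keeps its doubling step; if that marker is genuine, operator*= no longer doubles and computes popcount(m)·P rather than m·P. The rendering here collapses diff lines, so this may be a context line whose leading space was lost — please confirm against the repository that the new loop body reads `H.mult2_in_place(); if(m.get_bit(i)) H += P;`.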
From 53b23d3ecb9f6967d27a7d613ab34a0564b1c0ff Mon Sep 17 00:00:00 2001 From: lloyd <lloyd@randombit.net> Date: Tue, 23 Feb 2010 18:25:37 +0000 Subject: Remove vestigal code in pointgfp for various side-channel countermeasures --- src/math/gfpmath/point_gfp.cpp | 57 +----------------------------------------- 1 file changed, 1 insertion(+), 56 deletions(-) (limited to 'src/math') diff --git a/src/math/gfpmath/point_gfp.cpp b/src/math/gfpmath/point_gfp.cpp index abf4451a6..baea38fed 100644 --- a/src/math/gfpmath/point_gfp.cpp +++ b/src/math/gfpmath/point_gfp.cpp 
@@ -222,64 +222,9 @@ PointGFp& PointGFp::mult_this_secure(const BigInt& scalar, return *this; } if(m == BigInt(1)) - { return *this; - } - // -#ifdef CM_AADA -#ifndef CM_RAND_EXP - int max_secr_bits = max_secr.bits(); -#endif -#endif - - int mul_bits = m.bits(); // this is used for a determined number of loop runs in - // the mult_loop where leading zero´s are padded if necessary. - // Here we assign the value that will be used when no countermeasures are specified -#ifdef CM_RAND_EXP - u32bit rand_r_bit_len = 20; // Coron(99) proposes 20 bit for r - -#ifdef CM_AADA - - BigInt r_max(1); - -#endif // CM_AADA - - // use randomized exponent -#ifdef TA_COLL_T - static BigInt r_randexp; - if(new_rand) - { - r_randexp = random_integer(rand_r_bit_len); - } - //assert(!r_randexp.is_zero()); -#else - BigInt r_randexp(random_integer(rand_r_bit_len)); -#endif - - m += r_randexp * point_order; - // determine mul_bits... -#ifdef CM_AADA - // AADA with rand. Exp. - //assert(rand_r_bit_len > 0); - r_max <<= rand_r_bit_len; - r_max -= 1; - //assert(r_max.bits() == rand_r_bit_len); - mul_bits = (max_secr + point_order * r_max).bits(); -#else - // rand. Exp. without AADA - mul_bits = m.bits(); -#endif // CM_AADA - - -#endif // CM_RAND_EXP - - // determine mul_bits... -#if(CM_AADA == 1 && CM_RAND_EXP != 1) - - mul_bits = max_secr_bits; -#endif // CM_AADA without CM_RAND_EXP - //assert(mul_bits != 0); + int mul_bits = m.bits(); for(int i = mul_bits - 1; i >= 0; i--) { -- cgit v1.2.3 From 31b12b7756094231672555604550e51eecaeb04c Mon Sep 17 00:00:00 2001 From: lloyd <lloyd@randombit.net> Date: Tue, 23 Feb 2010 19:33:39 +0000 Subject: in GFpElement remove some mutables and de-const membmer funcs as necessary --- src/math/gfpmath/gfp_element.cpp | 10 +++++----- src/math/gfpmath/gfp_element.h | 12 ++++++------ 2 files changed, 11 insertions(+), 11 deletions(-) (limited to 'src/math') 
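Review bot: After this hunk mult_this_secure no longer reads `point_order` or `max_secr` (their only uses were inside the removed CM_RAND_EXP/CM_AADA blocks; the rest of the function is outside the hunk), and its body is now the same double-and-add loop as operator*=, so the name and the header documentation promise a protection the code does not provide. Either document the current contract in the header — e.g. `// NOTE: no side-channel countermeasures are applied; point_order and max_secr are currently ignored` — or deprecate it in favour of operator*= so callers that chose the secure variant are not misled; at minimum the unused parameters should be left unnamed to keep the compiler quiet.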
diff --git a/src/math/gfpmath/gfp_element.cpp b/src/math/gfpmath/gfp_element.cpp index 7e660213e..863135491 100644 --- a/src/math/gfpmath/gfp_element.cpp +++ b/src/math/gfpmath/gfp_element.cpp @@ -165,20 +165,20 @@ BigInt montg_trf_to_ordres(const BigInt& m_res, const BigInt& m, const BigInt& r } -GFpElement::GFpElement(const BigInt& p, const BigInt& value, bool use_montgm) - : modulus(p), m_value(value %p), m_use_montgm(use_montgm), m_is_trf(false) +GFpElement::GFpElement(const BigInt& p, const BigInt& value, bool use_montgomery) + : modulus(p), m_value(value %p), m_use_montgm(use_montgomery), m_is_trf(false) { if(m_use_montgm) ensure_montgm_precomp(); } -void GFpElement::turn_on_sp_red_mul() const +void GFpElement::turn_on_sp_red_mul() { ensure_montgm_precomp(); m_use_montgm = true; } -void GFpElement::turn_off_sp_red_mul() const +void GFpElement::turn_off_sp_red_mul() { if(m_is_trf) { @@ -189,7 +189,7 @@ void GFpElement::turn_off_sp_red_mul() const m_use_montgm = false; } -void GFpElement::ensure_montgm_precomp() const +void GFpElement::ensure_montgm_precomp() { if((!modulus.get_r().is_zero()) && (!modulus.get_r_inv().is_zero()) && (!modulus.get_p_dash().is_zero())) { diff --git a/src/math/gfpmath/gfp_element.h b/src/math/gfpmath/gfp_element.h index fd76516b5..9d2523591 100644 --- a/src/math/gfpmath/gfp_element.h +++ b/src/math/gfpmath/gfp_element.h @@ -38,7 +38,7 @@ class BOTAN_DLL GFpElement * @param value the element value * @param use_montgm whether this object will use Montgomery multiplication */ - GFpElement(const BigInt& p, const BigInt& value, bool use_montgm = false); + GFpElement(const BigInt& p, const BigInt& value, bool use_montgm = true); // GFpElement(const GFpElement& other) = default; 
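Review bot: The gfp_element.h hunk `@@ -38,7 +38,7` changes the constructor default from `bool use_montgm = false` to `bool use_montgm = true`, a behaviour change for every caller that omits the argument (they now run `ensure_montgm_precomp()` in the constructor), yet the commit subject only mentions removing `mutable` and de-consting member functions. Call the default change out in the commit message or split it into its own commit. Separately, the cpp definition now spells the parameter `use_montgomery` while the header and its `@param use_montgm` keep the old name; use one spelling in both.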
@@ -47,12 +47,12 @@ class BOTAN_DLL GFpElement /** * Switch Montgomery multiplcation optimizations ON */ - void turn_on_sp_red_mul() const; + void turn_on_sp_red_mul(); /** * Switch Montgomery multiplcation optimizations OFF */ - void turn_off_sp_red_mul() const; + void turn_off_sp_red_mul(); /** * += Operator @@ -164,15 +164,15 @@ class BOTAN_DLL GFpElement */ void swap(GFpElement& other); private: - void ensure_montgm_precomp() const; + void ensure_montgm_precomp(); void trf_to_mres() const; void trf_to_ordres() const; - mutable GFpModulus modulus; + GFpModulus modulus; mutable BigInt m_value; // ordinary residue or m-residue respectively // data members for montgomery multiplication - mutable bool m_use_montgm; + bool m_use_montgm; mutable bool m_is_trf; // if m_value is montgomery }; -- cgit v1.2.3 From 7347916cb685582d5f2b5fee4b518d0d1d4995ca Mon Sep 17 00:00:00 2001 From: lloyd <lloyd@randombit.net> Date: Tue, 23 Feb 2010 21:29:53 +0000 Subject: Remove the precomputed z^2, z^3, a*z^4 values from PointGFp --- src/math/gfpmath/point_gfp.cpp | 134 +++++++---------------------------------- src/math/gfpmath/point_gfp.h | 12 ---- 2 files changed, 23 insertions(+), 123 deletions(-) (limited to 'src/math') diff --git a/src/math/gfpmath/point_gfp.cpp b/src/math/gfpmath/point_gfp.cpp index baea38fed..166bb61dd 100644 --- a/src/math/gfpmath/point_gfp.cpp +++ b/src/math/gfpmath/point_gfp.cpp @@ -17,13 +17,7 @@ PointGFp::PointGFp(const CurveGFp& curve) : mC(curve), mX(curve.get_p(), 0), mY(curve.get_p(), 1), - mZ(curve.get_p(), 0), - mZpow2(curve.get_p(),0), - mZpow3(curve.get_p(),0), - mAZpow4(curve.get_p(),0), - mZpow2_set(false), - mZpow3_set(false), - mAZpow4_set(false) + mZ(curve.get_p(), 0) { } @@ -33,13 +27,7 @@ PointGFp::PointGFp(const CurveGFp& curve, const GFpElement& x, mC(curve), mX(x), mY(y), - mZ(z), - mZpow2(curve.get_p(),0), - mZpow3(curve.get_p(),0), - mAZpow4(curve.get_p(),0), - mZpow2_set(false), - mZpow3_set(false), - mAZpow4_set(false) + mZ(z) { } 
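Review bot: The `@@ -164,15 +164,15` hunk of gfp_element.h removes `mutable` from `modulus` and `m_use_montgm` but keeps it on `m_value` and `m_is_trf`, and `trf_to_mres() const` / `trf_to_ordres() const` stay const, so a const element can still have its stored value rewritten in place through a const accessor. That is acceptable if it is only a representation change, but the header should say so; a comment on the remaining mutable members, `// mutable: const accessors may switch m_value between ordinary and Montgomery residue in place; the field value is unchanged`, keeps the next cleanup from treating them as the same mistake. I am inferring the in-place switch from the const trf_* declarations and the `m_is_trf` comment; confirm against their definitions.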
@@ -49,28 +37,10 @@ PointGFp::PointGFp(const CurveGFp& curve, mC(curve), mX(x), mY(y), - mZ(curve.get_p(),1), - mZpow2(curve.get_p(),0), - mZpow3(curve.get_p(),0), - mAZpow4(curve.get_p(),0), - mZpow2_set(false), - mZpow3_set(false), - mAZpow4_set(false) + mZ(curve.get_p(),1) { } -const PointGFp& PointGFp::assign_within_same_curve(PointGFp const& other) - { - mX = other.get_jac_proj_x(); - mY = other.get_jac_proj_y(); - mZ = other.get_jac_proj_z(); - mZpow2_set = false; - mZpow3_set = false; - mAZpow4_set = false; - // the rest stays! - return *this; - } - // arithmetic operators PointGFp& PointGFp::operator+=(const PointGFp& rhs) { @@ -89,19 +59,10 @@ PointGFp& PointGFp::operator+=(const PointGFp& rhs) if(rhs.mZ != mC.get_mres_one()) { - if((!rhs.mZpow2_set) || (!rhs.mZpow3_set)) - { - rhs.mZpow2 = rhs.mZ; - rhs.mZpow2 *= rhs.mZ; - rhs.mZpow3 = rhs.mZpow2; - rhs.mZpow3 *= rhs.mZ; - - rhs.mZpow2_set = true; - rhs.mZpow3_set = true; - } + GFpElement rhs_z2 = rhs.mZ * rhs.mZ; - U1 *= rhs.mZpow2; - S1 *= rhs.mZpow3; + U1 *= rhs_z2; + S1 *= rhs_z2 * rhs.mZ; } GFpElement U2 = rhs.mX; @@ -109,18 +70,10 @@ PointGFp& PointGFp::operator+=(const PointGFp& rhs) if(mZ != mC.get_mres_one()) { - if((!mZpow2_set) || (!mZpow3_set)) - { - // precomputation can´t be used, because *this changes anyway - mZpow2 = mZ; - mZpow2 *= mZ; - - mZpow3 = mZpow2; - mZpow3 *= mZ; - } + GFpElement lhs_z2 = mZ * mZ; - U2 *= mZpow2; - S2 *= mZpow3; + U2 *= lhs_z2; + S2 *= lhs_z2 * mZ; } GFpElement H(U2 - U1); @@ -165,10 +118,6 @@ PointGFp& PointGFp::operator+=(const PointGFp& rhs) else z = mZ * H; - mZpow2_set = false; - mZpow3_set = false; - mAZpow4_set = false; - mX = x; mY = y; mZ = z; @@ -291,9 +240,8 @@ PointGFp& PointGFp::operator*=(const BigInt& scalar) PointGFp& PointGFp::negate() { if(!is_zero()) - { mY.negate(); - } + return *this; } 
@@ -316,32 +264,17 @@ PointGFp& PointGFp::mult2_in_place() S = x + x; - if(!mAZpow4_set) + GFpElement a_z4 = mC.get_mres_a(); + if(mZ != mC.get_mres_one()) { - if(mZ == mC.get_mres_one()) - { - mAZpow4 = mC.get_mres_a(); - mAZpow4_set = true; - } - else - { - if(!mZpow2_set) - { - mZpow2 = mZ; - mZpow2 *= mZ; - - mZpow2_set = true; - } - - x = mZpow2 * mZpow2; - - mAZpow4 = mC.get_mres_a() * x; - } + GFpElement z2 = mZ * mZ; + a_z4 *= z2; + a_z4 *= z2; } GFpElement y(mX * mX); - GFpElement M(y + y + y + mAZpow4); + GFpElement M(y + y + y + a_z4); x = M * M - (S+S); @@ -366,9 +299,6 @@ PointGFp& PointGFp::mult2_in_place() mY = y; mZ = z; - mZpow2_set = false; - mZpow3_set = false; - mAZpow4_set = false; return *this; } @@ -386,12 +316,7 @@ void PointGFp::turn_on_sp_red_mul() const mX.get_mres(); mY.get_mres(); mZ.get_mres(); - - mZpow2.turn_on_sp_red_mul(); - mZpow3.turn_on_sp_red_mul(); - mAZpow4.turn_on_sp_red_mul(); } -// getters /** * returns a point equivalent to *this but were @@ -437,9 +362,7 @@ GFpElement PointGFp::get_affine_x() const if(is_zero()) throw Illegal_Transformation("cannot convert to affine"); - mZpow2 = mZ * mZ; - mZpow2_set = true; - GFpElement z2 = mZpow2; + GFpElement z2 = mZ * mZ; return mX * z2.inverse_in_place(); } @@ -448,9 +371,7 @@ GFpElement PointGFp::get_affine_y() const if(is_zero()) throw Illegal_Transformation("cannot convert to affine"); - mZpow3 = mZ * mZ * mZ; - mZpow3_set = true; - GFpElement z3 = mZpow3; + GFpElement z3 = mZ * mZ * mZ; return mY * z3.inverse_in_place(); } 
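Review bot: `get_affine_x()` (`@@ -437`) and `get_affine_y()` (`@@ -448`) each perform their own field inversion (`z2.inverse_in_place()`, `z3.inverse_in_place()`), so any caller that needs both coordinates — point encoding, for instance — pays two inversions where a single `Z^-1` serves both (x = X*Zinv^2, y = Y*Zinv^3). Inversion is normally by far the most expensive field operation, and if `inverse_in_place()` is variable-time (not visible here) halving the number of calls on a secret-derived point also halves that exposure. A helper computing both coordinates from one inversion keeps the two existing accessors intact; both getters are complete within their hunks.
```cpp
// Both affine coordinates from a single field inversion: x = X/Z^2, y = Y/Z^3
void PointGFp::get_affine_xy(GFpElement& x, GFpElement& y) const
   {
   if(is_zero())
      throw Illegal_Transformation("cannot convert to affine");

   GFpElement z_inv = mZ;
   z_inv.inverse_in_place();
   const GFpElement z_inv2 = z_inv * z_inv;
   x = mX * z_inv2;
   y = mY * z_inv2 * z_inv;
   }
```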
@@ -502,14 +423,11 @@ void PointGFp::check_invariants() const } - mZpow2 = mZ * mZ; - mZpow2_set = true; - mZpow3 = mZpow2 * mZ; - mZpow3_set = true; - mAZpow4 = mZpow3 * mZ * mC.get_a(); - mAZpow4_set = true; - const GFpElement aXZ4 = mAZpow4 * mX; - const GFpElement bZ6 = mC.get_b() * mZpow3 * mZpow3; + GFpElement Zpow2 = mZ * mZ; + GFpElement Zpow3 = Zpow2 * mZ; + GFpElement AZpow4 = Zpow3 * mZ * mC.get_a(); + const GFpElement aXZ4 = AZpow4 * mX; + const GFpElement bZ6 = mC.get_b() * Zpow3 * Zpow3; if(y2 != (x3 + aXZ4 + bZ6)) throw Illegal_Point(); @@ -522,12 +440,6 @@ void PointGFp::swap(PointGFp& other) mX.swap(other.mX); mY.swap(other.mY); mZ.swap(other.mZ); - mZpow2.swap(other.mZpow2); - mZpow3.swap(other.mZpow3); - mAZpow4.swap(other.mAZpow4); - std::swap<bool>(mZpow2_set, other.mZpow2_set); - std::swap<bool>(mZpow3_set, other.mZpow3_set); - std::swap<bool>(mAZpow4_set, other.mAZpow4_set); } PointGFp mult2(const PointGFp& point) diff --git a/src/math/gfpmath/point_gfp.h b/src/math/gfpmath/point_gfp.h index 5f8231fcb..276635f56 100644 --- a/src/math/gfpmath/point_gfp.h +++ b/src/math/gfpmath/point_gfp.h @@ -72,12 +72,6 @@ class BOTAN_DLL PointGFp //PointGFp(const PointGFp& other) = default; //PointGFp& operator=(const PointGFp& other) = default; - /** - * assign another point which is on the same curve as *this - * @param other The point to use as source for the assignment - */ - const PointGFp& assign_within_same_curve(const PointGFp& other); - /** * += Operator * @param rhs the PointGFp to add to the local value @@ -215,12 +209,6 @@ class BOTAN_DLL PointGFp mutable GFpElement mX; // NOTE: these values must be mutable (affine<->proj) mutable GFpElement mY; mutable GFpElement mZ; - mutable GFpElement mZpow2; // mZ^2 - mutable GFpElement mZpow3; // mZ^3 - mutable GFpElement mAZpow4; // mA*mZ^4 - mutable bool mZpow2_set; - mutable bool mZpow3_set; - mutable bool mAZpow4_set; }; // relational operators -- cgit v1.2.3 
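Review bot: In the `@@ -502,14 +423,11 @@` hunk the new locals `Zpow2`, `Zpow3` and `AZpow4` are never modified after initialisation, so for consistency with the neighbouring `aXZ4`/`bZ6` they should be `const GFpElement` as well, e.g. `const GFpElement Zpow2 = mZ * mZ;`. On the security side, `check_invariants()` now only establishes that (X, Y, Z) satisfies the Jacobian curve equation `y2 == x3 + aXZ4 + bZ6`; that is the right check for points decoded from untrusted input, but on a curve with cofactor > 1 it says nothing about the point lying in the prime-order subgroup, so a caller relying on it against small-subgroup attacks would still need an order check — whether any caller does is not visible here. The hunk also mixes `mC.get_a()`/`mC.get_b()` with `mZ`, whereas the arithmetic in point_gfp.cpp pairs `mZ` with `get_mres_a()`; if the operand alignment described in gfp_element.h covers mixed representations this is fine, otherwise the comparison could spuriously throw `Illegal_Point`. `check_invariants()` starts before this hunk (where `y2` and `x3` are computed).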
From 007b30735cadd163dce275fcd5b7706c84eeb2b6 Mon Sep 17 00:00:00 2001 From: lloyd <lloyd@randombit.net> Date: Wed, 24 Feb 2010 02:00:29 +0000 Subject: Remove UTF-8 chars in comments --- src/math/gfpmath/gfp_element.cpp | 2 +- src/math/gfpmath/gfp_element.h | 6 +++--- src/math/gfpmath/point_gfp.cpp | 4 ---- 3 files changed, 4 insertions(+), 8 deletions(-) (limited to 'src/math') diff --git a/src/math/gfpmath/gfp_element.cpp b/src/math/gfpmath/gfp_element.cpp index 863135491..3bb4d0002 100644 --- a/src/math/gfpmath/gfp_element.cpp +++ b/src/math/gfpmath/gfp_element.cpp @@ -303,7 +303,7 @@ const BigInt& GFpElement::get_mres() const if(!m_use_montgm) { // does the following exception really make sense? - // wouldn´t it be better to simply turn on montg.mult. when + // wouldn't it be better to simply turn on montg.mult. when // this explicit request is made? throw Illegal_Transformation("GFpElement is not allowed to be transformed to m-residue"); } diff --git a/src/math/gfpmath/gfp_element.h b/src/math/gfpmath/gfp_element.h index 9d2523591..538d41a47 100644 --- a/src/math/gfpmath/gfp_element.h +++ b/src/math/gfpmath/gfp_element.h @@ -121,9 +121,9 @@ class BOTAN_DLL GFpElement const BigInt& get_value() const; /** - * Tells whether this GFpElement is currently transformed to it´ m-residue, + * Tells whether this GFpElement is currently transformed to an m-residue, * i.e. in the form x_bar = x * r mod m. - * @result true if it is currently transformed to it´s m-residue. + * @result true if it is currently transformed to its m-residue. */ bool is_trf_to_mres() const; 
@@ -148,7 +148,7 @@ class BOTAN_DLL GFpElement * in ordinary residue representation (returns false). * m-residue is prefered in case of ambiguity. * does not toggle m_use_montgm of the arguments. - * Don´t be confused about the constness of the arguments: + * Don't be confused about the constness of the arguments: * the transformation between normal residue and m-residue is * considered as leaving the object const. * @param lhs the first operand to be aligned diff --git a/src/math/gfpmath/point_gfp.cpp b/src/math/gfpmath/point_gfp.cpp index 166bb61dd..4b2de7913 100644 --- a/src/math/gfpmath/point_gfp.cpp +++ b/src/math/gfpmath/point_gfp.cpp @@ -641,10 +641,6 @@ PointGFp OS2ECP(MemoryRegion<byte> const& os, const CurveGFp& curve) bX = SecureVector<byte>(os.size() - 1); bX.copy(os.begin()+1, os.size()-1); - /* Problem wäre, wenn decode() das erste bit als Vorzeichen interpretiert. - *--------------------- - * AW(FS): decode() interpretiert das erste Bit nicht als Vorzeichen - */ bi_dec_x = BigInt::decode(bX, bX.size()); x = GFpElement(curve.get_p(), bi_dec_x); bool yMod2; -- cgit v1.2.3
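Review bot: Deleting the German comment in the `@@ -641,10 +641,6 @@` hunk also drops its one substantive statement — that, per the removed comment, `BigInt::decode()` does not read the top bit of the buffer as a sign bit — which is exactly the question a reader of the following `bi_dec_x = BigInt::decode(bX, bX.size());` line will ask; keep it in English rather than dropping it: `// BigInt::decode() reads bX as an unsigned magnitude; the top bit is not a sign bit`. Two things next to the retained code deserve a check that is not visible in this hunk: `os.size() - 1` is used as an allocation and copy length, so if `os.size()` is unsigned an empty `os` wraps to a huge length unless the enclosing function rejects `os.empty()` before this point, and `bi_dec_x` goes into `GFpElement(curve.get_p(), bi_dec_x)` without a visible `bi_dec_x < p` check, which is only fine if that constructor reduces or rejects out-of-range values. Since `OS2ECP` is the entry point for attacker-supplied encoded points, both are worth confirming at the top of the function, which starts before this hunk.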